Enabling AAV Logging for an Alchemy Compatibility Package

Save to PDF

Applies to: Alchemy

06/03/2023 Cliff Hobbs   ID: 267092

Delete

Important

The information in this article only applies to AAV logging and not the logs created by the actual Compatibility Package itself.

Logging for AAV in Cloudhouse Alchemy Compatibility Packages is disabled by default as it should only be enabled for testing and troubleshooting purposes.

Starting in Release 1904, several changes were made to both the way AAV logging is enabled and the information captured in the logs.

Note

See Enabling AAV Logging in Alchemy Releases Pre-1904 if you need to enable AAV logging for a Release 1903 (and earlier) Compatibility Package.

From Release 1904, the AAV log for child processes includes the following columns:

Column Description
TIMESTAMP Date and time the log file entry was written.
TID Thread ID that generated the log item.
LOG TYPE Defines the type of log entry:
  • INFO – Contains general information such as a file was redirected.
  • ERROR – Generated when the Windows API function fails.
  • DEBUG – Used to show the information mainly by developers and is used to record information on how AAV is running.
CATEGORY Categories represent the area each API belongs to. For example File or Registry. Categories also have subcategories such as Redirected or NotRedirected.
FUNCTION:LINE The function generating a log event message. It will often be a Windows API, although internal AAV functions generate their own log events.
FROM This will usually be the from/original name. For example the filename, registry key, and so forth.
TO Will usually be the virtualised name (filename, registry). It can also be blank to indicate the original name has remained the same.

Note

For application logging, where we virtualise from one location to another the FROM/TO fields are populated. However, FROM may just be used to record details of an API accessing a location that is not virtualised (for example registry access to a non-virtualised path). 
The FROM/TO fields may also be blank where a location/object isn't virtualised, but we want to record a log event (the message will contain details of the event). For example, the NotWow64Process virtualises the Windows API PrintDlg and we record just the information about this occurring.
MESSAGE This is additional information relating to the function generating the log event (for example other parameters), which means this is different for each function. For example, for FILE API's it could be the desired access. For COM, it could be the class registration.
ERROR (CODE) If an error occurs, the error code generated is displayed.
MESSAGE The error message associated with the error code.

Note

In the 1904 release, the log file format has only been updated for the child process log and not for AAV itself, which may be updated in a later release.

Process to enable AAV Logging for a Release 1904 (and later) Alchemy Compatibility Package

  1. Navigate to the relevant Compatibility Package.
  2. Open AppAcceleratorV.clc in a text editor (such as Notepad++).
  3. Create the AAV tag as shown below and set the value for Log to one of the following, depending on the level of logging required:
    • Off – The default, where logging is disabled.
    • On – Only high-level APIs are logged. There is no nesting of log entries/logging of any lower level API calls. For example, when you create a file, the CreateFile API is called. This, in turn, calls the lower level API NTCreateFile. With logging set to On, you will not see entries for the lower-level APIs called such as NTCreateFile in our example.
    • Verbose – All entries, both high-level and low-level API calls.
<AAV Log="<value>"

Note

See the Example Log Entries section below for examples of the actual log entries created when logging is set to On/Verbose.

  1. Save AppAcceleratorV.clc

Example Log Entries

If AAV logging is set to On, only higher-level APIs are logged. For example:

11:22:38.947    0000DED8    Info    File-NotRedirected    chCreateFileW:41    "C:\Windows\Fonts\staticcache.dat"    ""    ""    ""
11:22:38.949    0000DED8    Info    Registry-NotRedirected    chRegOpenKeyExW:33    "SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback"    ""    ""    ""

If AAV logging is set to Verbose, both higher level and APIs are logged. For example:

11:18:19.384    00007054    Info    File-NotRedirected    chNtCreateFile:23    "\??\C:\Windows\Fonts\staticcache.dat"    ""    ""    ""
11:18:19.384    00007054    Info    File-NotRedirected    chCreateFileW:41    "C:\Windows\Fonts\staticcache.dat"    ""    ""    ""
11:18:19.385    00007054    Info    Registry-NotRedirected    chNtOpenKeyEx:56    "SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback"    ""    ""    ""
11:18:19.385    00007054    Info    Registry-NotRedirected    chRegOpenKeyExW:33    "SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback"    ""    ""    ""

Backwards compatibility

Use of PackageId to enable AAV logging is still supported (even in 1904 and later versions). For example:

<AAV PackageId="thisismyid" LogExe="Full">

Enabling AAV Logging in Alchemy Releases Pre-1904

Delete

Important

You should only use the process in this document to enable AAV logging for a Release 1903 (and earlier) Compatibility Package.

Otherwise, see the information at the beginning of this article if you are running a later version.

Process to enable AAV Logging for a Pre-1904 release Alchemy Compatibility Package

  1. Navigate to the appropriate Compatibility Package folder.
  2. Open AppAcceleratorV.clc in Notepad++.
  3. Create the AAV tag as shown below and set the value for LogExe and LogDll to Full or Error depending on the level of logging you require:
    • Configuring logging for LogExe logs the parent process, e.g. AppAcceleratorV.
    • Configuring logging for LogDll logs the child process(es), redirected by AAV.

      For example:
      <AAV LogExe="Full" LogDll="Full">
  4. Save AppAcceleratorV.clc

Warning

Configuring AAV logging for a 1904 (or later) Compatibility Package using the above process results in no logs being generated. No errors or warnings will be displayed to highlight the incorrect configuration. These tags are just ignored. 

See the Process to enable Logging for a Release 1904 (and later) Alchemy Compatibility Package section above if you want to enable logging for a Package created in release 1904 or later.

Backwards compatibility

Use of PackageId to enable AAV logging is still supported (even in 1904 and later versions). For example:

<AAV PackageId="thisismyid" LogExe="Full">


Source:
Was this article helpful?

Table of Contents

    Can't find what you're looking for?

    Contact Support