How to enable Container (AAV) logging
Applies to: Cloudhouse Compatibility Containers
10/06/2019 Cliff Hobbs ID: 267092
The purpose of the article is to detail how to enable logging for AAV, which by default is disabled.
Enabling logging for AAV can help identify problems with applications running in Cloudhouse Compatibility Containers™.
Release 1904 introduces several changes to both the way logging is enabled and the information captured in the logs.
Any logs generated by AAV are created in the following folders, regardless of the release:
- On Windows 7 and later: %LocalAppData%\Cloudhouse\Logs
- On Windows XP: %UserProfile%\Local Settings\Application Data\Cloudhouse\Logs
Each time AAV runs, two logs are created:
- Log for AppAcceleratorV – Which is output to reversedate-time-PID-AppAcceleratorV.log (for example 20190425-113000-000600-AppAcceleratorV.log).
- Log for the child process(es), redirected by AAV – Which is output to reversedate-time-parentPID-PID-ExecutableName.log (for example 20190425-113000-000600-002820-MyApp.log).
Starting in release 1904, the AAV log for child processes includes the following columns:
|TIMESTAMP||Date and time the log file entry was written.|
|TID||Thread ID that generated the log item.|
|LOG TYPE||Defines the type of log entry:
|CATEGORY||Categories represent the area each API belongs to. For example File or Registry. Categories also have subcategories such as Redirected or NotRedirected.
See List of Cloudhouse Container Log File Categories for a complete list.
|FUNCTION:LINE||The function that generates a log event message. It will often be a Windows API, although internal AAV functions generate their own log events.|
|FROM||This will usually be the from/original name. For example the filename, registry key, and so forth.|
|TO||Will usually be the virtualised name (filename, registry). It can also be blank to indicate the original name has remained the same.
|MESSAGE||This is additional information relating to the function generating the log event (for example other parameters), which means this is different for each function. For example, for FILE API's it could be the desired access. For COM, it could be the class registration.|
|ERROR (CODE)||If an error occurs, the error code generated is displayed.|
|MESSAGE||The error message associated with the error code.|
See the relevant section for details of how to enable AAV logging:
To enable logging in release 1904 and later:
- Navigate to the appropriate Container folder.
- Open AppAcceleratorV.clc in a text editor (such as Notepad++).
- Create the AAV tag as shown below and set the value for Log to one of the following, depending on the level of logging required:
- Off – The default, where logging is disabled.
- On – Only high-level APIs are logged. There is no nesting of log entries/logging of any lower level API calls. For example, when you create a file, the CreateFile API is called. This, in turn, calls the lower level API NTCreateFile. With logging set to On, you will not see entries for the lower-level APIs called such as NTCreateFile in our example.
- Verbose – All entries, both high-level and low-level API calls.
- Save AppAcceleratorV.clc
Example Log Entries
If AAV logging is set to On, only higher level APIs are logged. For example:
11:22:38.947 0000DED8 Info File-NotRedirected chCreateFileW:41 "C:\Windows\Fonts\staticcache.dat" "" "" "" 11:22:38.949 0000DED8 Info Registry-NotRedirected chRegOpenKeyExW:33 "SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback" "" "" ""
If AAV logging is set to Verbose, both higher level and APIs are logged. For example:
11:18:19.384 00007054 Info File-NotRedirected chNtCreateFile:23 "\??\C:\Windows\Fonts\staticcache.dat" "" "" "" 11:18:19.384 00007054 Info File-NotRedirected chCreateFileW:41 "C:\Windows\Fonts\staticcache.dat" "" "" "" 11:18:19.385 00007054 Info Registry-NotRedirected chNtOpenKeyEx:56 "SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback" "" "" "" 11:18:19.385 00007054 Info Registry-NotRedirected chRegOpenKeyExW:33 "SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback" "" "" ""
To enable logging in releases prior to 1904:
- Navigate to the appropriate Container folder.
- Open AppAcceleratorV.clc in Notepad++.
- Create the AAV tag as shown below and set the value for LogExe and LogDll to Full or Error depending on the level of logging you require:
- Configuring logging for LogExe logs the parent process, e.g. AppAcceleratorV.
- Configuring logging for LogDll logs the child process(es), redirected by AAV.
<AAV LogExe="Full" LogDll="Full">
4. Save AppAcceleratorV.clc
Use of PackageId to enable AAV logging is still supported (even in 1904 and later versions). For example:
<AAV PackageId="thisismyid" LogExe="Full">