System Logs
Last updated
Last updated
Introduction
Lucy maintains an internal log of application events. This allows for comprehensive monitoring and investigation of most application events, beyond just the service logs (e.g., Apache2 web server, Postfix mail server). By analyzing these logs users can effectively track and diagnose errors within the application.
Navigate to Support -> System Logs -> Service Logs
First select a file from the dropdown menu. On this page you can view the postfix mail log as well as the web server access and error logs.
Next define an interval, and Lucy will automatically paginate all the log entries from that file within that time frame. Keep in mind that log files are appended, meaning the most recent entries will be at the end of the file.
Often it is necessary to extract not just the mail and web server logs, but also runtime log files from the environment. Lucy offers a convenient way to download the runtime logs with a single click, just go to Support > System Logs > Send Logs and click the Download Logs button in the top-right.
You will download a .zip archive with the following:
mail.log (postfix log)
access.log and error.log (apache2 logs)
All log files in /opt/phishing/runtime/ (Lucy's application runtime logs)
The /opt/phishing/runtime/ folder contains a number of log files. Here is a breakdown of what types of operations are logged in each file.
| File | Content |
|---|---|
application.log | Application errors from the database and web server. |
awarenessrescheduler.log | Notifications for rescheduled awareness messages sent to recipients. |
console.log | Events from various services and utilities used by background processes. |
mailcrawler.log | Events related to the mail manager job. |
migration.log | Activities during Lucy version migrations (for versions < 4.2). |
proxystat.log | Events related to proxy operations when Lucy is behind a proxy. |
reminders.log | Events related to campaign reminders. |
reqsue_emailparse.log | Events for the email parsing job. |
resque_enduser.log | Updates to victim statistics. |
resque_letsencrypt.log | Events related to Let's Encrypt API interactions. |
resque_scheduler.log | Scheduler events, including start and finish times for each recipient's schedule. |
resque_ssl.log | SSL-related events such as certificate creation, renewal, and import. |
resque_stats.log | Updates to campaign statistics displayed in the web interface. |
resque_system.log | System performance-related jobs such as updates, reboots, shutdowns, and process terminations. |
resque_victim.log | Events related to assigning recipient groups to campaigns. |
resque_visit.log | Recipient visits to scenario web pages (both attack and awareness). The victim's ID is used to anonymize personal data, while visit data (IP address, user agent, OS, etc.) is recorded. |
resque_worker.log | All Lucy events. Each job logs at least two notifications: start and finish. |
scheduler.log | Scheduler activities. |
systemmonitoring.log | System status and health information. |
Each campaign in Lucy maintains its own message and error logs, which you can find in the campaign menu on the left of every campaign:
If you have supervisor users managing campaigns, a record of their actions will appear here.
