System Logs

Introduction

Lucy maintains an internal log of application events. This allows for comprehensive monitoring and investigation of most application events, beyond just the service logs (e.g., Apache2 web server, Postfix mail server). By analyzing these logs users can effectively track and diagnose errors within the application.

Navigate to Support -> System Logs -> Service Logs


How to view mail and web server logs

First select a file from the dropdown menu. On this page you can view the postfix mail log as well as the web server access and error logs.

Next define an interval, and Lucy will automatically paginate all the log entries from that file within that time frame. Keep in mind that log files are appended, meaning the most recent entries will be at the end of the file.


How to export log files from Lucy

Often it is necessary to extract not just the mail and web server logs, but also runtime log files from the environment. Lucy offers a convenient way to download the runtime logs with a single click, just go to Support > System Logs > Send Logs and click the Download Logs button in the top-right.

You will download a .zip archive with the following:

  • mail.log (postfix log)

  • access.log and error.log (apache2 logs)

  • All log files in /opt/phishing/runtime/ (Lucy's application runtime logs)


Runtime logs

The /opt/phishing/runtime/ folder contains a number of log files. Here is a breakdown of what types of operations are logged in each file.

File
Content

application.log

Application errors from the database and web server.

awarenessrescheduler.log

Notifications for rescheduled awareness messages sent to recipients.

console.log

Events from various services and utilities used by background processes.

mailcrawler.log

Events related to the mail manager job.

migration.log

Activities during Lucy version migrations (for versions < 4.2).

proxystat.log

Events related to proxy operations when Lucy is behind a proxy.

reminders.log

Events related to campaign reminders.

reqsue_emailparse.log

Events for the email parsing job.

resque_enduser.log

Updates to victim statistics.

resque_letsencrypt.log

Events related to Let's Encrypt API interactions.

resque_scheduler.log

Scheduler events, including start and finish times for each recipient's schedule.

resque_ssl.log

SSL-related events such as certificate creation, renewal, and import.

resque_stats.log

Updates to campaign statistics displayed in the web interface.

resque_system.log

System performance-related jobs such as updates, reboots, shutdowns, and process terminations.

resque_victim.log

Events related to assigning recipient groups to campaigns.

resque_visit.log

Recipient visits to scenario web pages (both attack and awareness). The victim's ID is used to anonymize personal data, while visit data (IP address, user agent, OS, etc.) is recorded.

resque_worker.log

All Lucy events. Each job logs at least two notifications: start and finish.

scheduler.log

Scheduler activities.

systemmonitoring.log

System status and health information.


Campaign Logs

Each campaign in Lucy maintains its own message and error logs, which you can find in the campaign menu on the left of every campaign:

If you have supervisor users managing campaigns, a record of their actions will appear here.


Last updated

Was this helpful?