Reset Search
 

 

Article

KB28146 - [Host Checker] Endpoint Security Assessment Plug-in (ESAP) Diagnostic Tool for PCS 7.2 / PPS 4.2 and above on Windows Platform

« Go Back

Information

 
Last Modified Date2/3/2016 9:07 PM
Synopsis
This article explains the End Point Security Assessment Plug-in (ESAP) Diagnostic Tool and how to use it.

 

Problem or Goal
  • What is the ESAP Diagnostic Tool?
  • How do you use the ESAP Diagnostic Tool?
  • What does the ESAP Diagnostic Tool collect?
  • What are the Known issues and limitations?
Cause
Solution
What is the ESAP Diagnostic Tool?

The ESAP diagnostic tool is a Windows-based log collection tool for Endpoint Security issues related to pre-defined Anti-Virus, Firewall and Anti-Spyware. This tool is designed to ease the process of log collection for ESAP related issues. The tool is ESAP version specific. Each ESAP release has a different version of OPSWAT SDK built into it, and hence this tool is also version specific for every ESAP release. Also note that this tool is built for V3 SDK, which means that it is only useful for issues on software versions PCS 7.2 / PPS 4.2 and above.

The tool is available for download at: my.pulsesecure.net

Navigation :

  1. Login to my.pulsesecure.net
  2. Click Licensing and Download Center
User-added image
  1. From the top menu, click Downloads
User-added image
  1. Under Browse My Software and Documentation, click Pulse Secure > Pulse Connect Secure or Pulse Policy Secure
User-added image
  1. Click Endpoint Security Assessment Plug-in
User-added image
  1. Click on the correspond ESAP release
  2. Click on the EULA agreement
  3. Click ps-esap-X.X.X-diag-tool.exe
User-added image

Note: This tool is available only for collecting logs or verifying fixes for issues on PCS 7.2 / PPS 4.2 and above..

How do you use the ESAP Diagnostic Tool?

  1. Copy the tool to the end-user system where you want to collect the logs for debugging ESAP related issues.

  2. Run the tool.

    • If you are running this tool to diagnose a problem with Agentless Host Checker, run as the current user.
  3. If you are running this tool to diagnose a problem with OAC or Pulse, run as administrator.
  4. If you see the following prompt, click OK to confirm that you want to run OPSWAT’s OESISDiagnose tool.

  1. Collect log file.

  • XP:

%AllUsersProfile%\Application Data\Juniper Networks\Logging\OpswatDiagnose<timestamp>.zip

  • Vista, Windows 7, Windows 8:

%Public%\Juniper Networks\Logging\OpswatDiagnose<timestamp>.zip

Please note that Starting ESAP 2.8.6 the diagnostic tool for Windows places the collected log file on the Desktop and renames the file to .zi
This was done to facilitate easy retrieving of the file from the desktop location and easy transfer using email.


What does the ESAP Diagnostic Tool collect?

  1. Client-side debuglog.log.

  2. OESISDiagnose.log generated by OESISDiagnose.exe shipped with the latest SDK or the one packaged in this tool when run against OPSWAT binaries in:

    1. HC install directory: This gets the OESISDiagnose.log when OESISDiagnose.exe is run against the OPSWAT dll’s that are packaged in the current running ESAP in the IVE (that is, the latest OPSWAT dll’s that were installed after the last Host Check). The tools collect logs for:
      1. Agentless Host Checker
      2. UAC Agentless Host Checker
      3. OAC TNC Client
      4. Pulse TNC Client Plugin
  3. Packaged OPSWAT SDK in the tool: The one packaged in the tool at the time it was built.


What are the Known issues and limitations?

  • Host Checker’s installed version information (versionInfo.ini).
  • ​Information on currently installed ESAP where possible (UnifiedSDK.ini).
    • OESISDiagnose.exe issues a confirmation prompt (as shown below) whenever it is run: 
  • While running the tool generated for ESAP 2.4.2 and above on a system which has DLLs from an ESAP older than 2.4.2 in Agentless Host Checker (HC), Odyssey Access Client HC or Pulse HC directory, the following error occurs (OESISDiagnose.exe - Entry Point Not Found) and the logs are not generated. OESISDiagnose.exe from the corresponding older version is needed to generate the relevant log file.

 


For instructions on running ESAP Diagnostic Tool for Mac OS and collecting the logs on Windows Platform, refer to KB29633 - [Host Checker] Endpoint Security Assessment Plug-in (ESAP) Diagnostic Tool for PCS 7.2 / PPS 4.2 and above on Mac OS Platform
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255