Hi Mary-Ellen,
The log is encrypted, but only Cisco personnel (TAC or the Business
Unit) can decrypt it.
I know that in some instances it could assist in troubleshooting, but it
also contains sensitive information about CAS to agent communications,
which if found out could compromise the agent. So that is why it is
encrypted and no tool exists for customers to decrypt.
HTH,
Nate
Mary-Ellen Ide wrote:
Hi Everyone,
I noticed the agent stores an event log called “event.log” in
C:\Documents and Settings\user\Application Data\CiscoCAA
If I open it, it is not readable. I thought it looked like it could be
base64 encoded so I tried decoding it but it didn’t work. I also tried
a few other decodes.
Does anyone know how I can read this file? Is there a Cisco utility I
need to download to read it?
Thanks!
Mary
Mary Ide
Internet Security Engineer
Johnson & Wales University
SANS GCIH #1794
SANS GWAS #1728
[EMAIL PROTECTED] <BLOCKED::mailto:[EMAIL PROTECTED]>
