Understanding Centralized Logging Service configuration settings in Lync Server 2013
Topic Last Modified: 2013-02-21
The Centralized Logging Service is configured to define what the logging service is intended to collect, how it collects, where it will collect from, and what the log settings are. You define these settings globally (that is, for the entire deployment) or for a site (that is, a named site in your deployment). Any logging that you define will use the settings that are appropriate for the identity that you use for commands to start, stop, flush, and search logs.
To display the current Centralized Logging Service configuration
Start the Lync Server Management Shell: Click Start, click All Programs, click Microsoft Lync Server 2013, and then click Lync Server Management Shell.
Type the following at a command-line prompt:
You can narrow or expand the scope of the configuration settings that are returned by defining
-Identityand a scope, such as "Site:Redmond" to return only the CsClsConfiguration for the site Redmond. If you want details about a given portion of the configuration, you can pipe the output into another Windows PowerShell cmdlet. For example, to get details about the scenarios defined in the configuration for site "Redmond", type:
Get-CsClsConfiguration -Identity "site:Redmond" | Select-Object -ExpandPropery Scenarios
The result from the cmdlet displays the current configuration of the Centralized Logging Service.
Configuration Setting Description
Identifies the scope and name for this configuration. There is only one Global configuration, and one configuration per site.
Listing of all scenarios that are defined for this configuration.
Defined search terms for the configuration. Office 365 or Microsoft 365, not on-premises deployments.
Defined security groups that control who (that is, members of the security groups) can see computers based on the site they are located in. Site, in this context, is the site as defined in Topology Builder.
Defined regions are used to collect SecurityGroups into a region, for example EMEA.
Defined path to the location where log files are written on computers. CLSAgent writes the log files and runs under the context of the Network Service. In this case, %TEMP% expands to %WINDIR%\ServiceProfiles\NetworkService\AppData\Local
The parameter indicates the maximum size of the log file before a new event trace log (.etl) file is created. A new log file is created when the defined size is reached even if the maximum time set in EtlFileRolloverMinutes has not yet been reached.
Defined maximum amount of time, in minutes, that a log can elapse before a new .etl file is created. A new log file is created when the timer expires even if the maximum size set in EtlFileRolloverSizeMB has not yet been reached.
Location to search for the trace message format files. The trace message format files are used to convert the binary files into a human readable format.
Defined path to the location where cache files are written on computers. CLSAgent writes the cache files and runs under the context of the Network Service. In this case, %TEMP% expands to %WINDIR%\ServiceProfiles\NetworkService\AppData\Local. By default, cache files and log files are written to the same directory.
You can define a universal naming convention (UNC) path to receive the cache files during logging operations.
Defined as the maximum time, in days, that cache files are retained.
Defined as the percentage of disk space that can be used by the cache files.
Defined as the maximum number of traces per second that a component can produce before the automatic throttle limiter is triggered.
Number of times in 60 seconds that the ComponentThrottleLimit can be exceeded.
The minimum version of the CLSAgent allowed to run. This element is intended for Office 365 or Microsoft 365.