Top of Page

Logs and Status  Logs and Status
Domain Time II Server
Version 5.2

The Logs and Status page contains the settings for the Domain Time service text log.

Note: If you see the Policy Applied Group Policy applied indicator in the lower-left corner of the applet, there are settings on this page that are being overridden by an Active Directory Group Policy. Settings controlled by policy may be greyed-out or you may be otherwise prevented from making a change here. See the Active Directory page for more information on using Group Policies.

Logs are kept in the %SystemRoot%\System32\ folder. There are at least four main log files collected when the service is running:

  1. domtimes.log
    This is the currently active text log file.

      If log archiving is enabled (see below), additional archived log files will be created using a domtimes.YYYYMMDD.log naming scheme (i.e. domtimes.20090928.log).

  2. domtimes.log.startup
    A detailed text log of the service startup process. Only data from the latest startup is included.

      To view these two text logs, click the button on the applet, which launches the Domain Time Log Viewer.

  3. drift.dt
    A binary file containing information on each time check/correction made using the NTP and DT2 protocols, or the aggregate of corrections made by PTP (if enabled) during the check interval configured on the Timings page. Drift logs can also collected remotely by Domain Time Audit Server.

      To view this log, click the button on the applet, which launches the Domain Time Drift Log Viewer.
  4. driftptp.dt
    IF PTP is enabled, a binary file containing information on each PTP Sync. PTP Drift logs can also collected remotely by Domain Time Audit Server.

      To view this log, click the Graph link on the Obtain the Time property page, which launches the Domain Time Drift Log Viewer.

 

 Text Log 

  
Log Level:          
Max Size:  KB (use zero to mean unlimited size)

  Enable lazy write delay of up to   seconds (range 1-600)
Include info-level timeset success messages in warning and error-level logs

 

Include client accesses (requests for time and control messages)
Enable UDP packet tracing     Enable TCP packet tracing
Enable Time Change Event Monitor
Enable NTP4 peerstats           Enable NTP4 loopstats
        NTP Stats Folder:

This section selects the properties of the domtimes.log service text log.

    The Log Level drop-down chooses what type of entries to include in the log. You can increase or decrease the amount of information logged as needed.

    The available levels are (in increasing amount of detail):

    • Disabled
      This switch will only disable the domtimes.log file. Other system logs, such as domtimes.startup.log and drift.dt cannot be disabled.

    • Errors
      Only messages marked as Errors will be logged

    • Warnings
      Logs will include Errors and Warnings

    • Information
      Includes Errors, Warnings, and information on the activity of the time service, such as time sources contacted, amount of clock correction, etc.

    • Trace
      Includes all of the above, plus detailed information on time setting and time sample analysis.

    • Debug
      Includes all available information provided by the service.

      CAUTION:

      Debug logging will generate a great deal of data, so be sure to only enable it when you need the additional information, and don't forget to turn it off when finished troubleshooting.

        When you select Debug level, the button becomes enabled. Clicking this brings up a dialog where you can select exactly which type of debug messages to include in the logs. This allows you to limit the size of the logs while troubleshooting a particular issue. Please re-enable all messages if submitting a log for analysis.

      Max size: sets how large the log file is allowed to grow (in kilobytes).
        Once the maximum size is reached, the oldest events will be scrolled off to make room for new events. Enter 0 (zero) if you don't want to limit the log size.

        It's a good idea to set a log size that will allow you to keep enough history to troubleshoot any issues that may arise.

    Enable lazy write delay of up to   seconds (range 1-600)
    This value specifies the maximum amount of time to wait before flushing data to the log.

      Logging large amounts of information on an underpowered or busy machine can generate a great deal of overhead, which can adversly affect system performance and diminish timing accuracy. When enabled, Domain Time will try to buffer log data in memory until the delay period is reached instead of attempting to write all events to the disk in real time. This may provide some "breathing space" for the disk system to process outstanding writes that may accumulate from constant log activity. If the buffer fills before the limit is reached, it will be flushed to disk even if the full wait period has not expired.

    Include client accesses (requests for time and control messages)
    When checked, all client requests made of this machine will be logged. This includes queries for time or other information such as statistics, auditing, or status requests.

    CAUTION:

    Enabling this option can generate a large amount of logging data and system overhead if you have a lot of clients synchronizing with this server. Examine the log after the server has been running for a while to see if this option generates an onerous amount of data.

    Enable UDP packet tracing
    Enable TCP packet tracing
    These checkboxes cause Domain Time to log additional useful details about the time packets being used by Domain Time. The output is similar to the output from a packet analyzer, showing you the actual packet contents and payloads.

    CAUTION:

    Enabling this option can generate a large amount of logging data and system overhead. You should enable these only when actively troubleshooting network issues and for short periods.

    Enable Time Change Event Monitor
    Tells Domain Time to use Windows auditing to help identify the user or process responsible for changing the system clock.

      When checked, Domain Time will attempt to enable the Windows audit category "System" success auditing, and then watch the security event log for events pertaining to date/time changes made by programs other than Domain Time. If such an event is detected, Domain Time will parse the security event log entry and issue a warning in its own log. The warning will show the user and process that changed the time, and by how much (if the information is available). These warning messages are informational only, and should be enabled only to help track down environments where another user or process is interfering with the system clock.

      If the audit policy for the machine is controlled by a group policy, then Domain Time's change to the audit policy will succeed, but only until the next group policy refresh is applied. If you are using this feature in a domain, either undefine the group policy setting (Local Polices/Audit Policy/Audit system events) or set it to enabled for success events.

      Note: This option is complementary to, but independent of the Clock Change Monitor function, which resets the system time if unauthorized changes to the system clock are detected. See the description of Clock Change Monitor on the Advanced page.

    CAUTION:

    This option causes additional system overhead and uses additional memory and resources. You should enable this option only if you are experiencing rogue time changes on your system and are having difficulty identifying the cause. You should not run with this option enabled in normal operation.

    Enable NTP4 peerstats
    Enable NTP4 loopstats
    As of version 5.2.b.20170101, these checkboxes enable creation of ntpd-style peerstats and loopstats statistic files. See the ntpd Compatibility page for details.

      When enabled, the path where the files are collected will be displayed in the NTP Stats Folder: field. Note: NTP must be enabled on the Serve the Time property page in order to collect these stats.

 

 Text Log Archiving 

   Log Roll: 
   Delete old logs
         Keep up to   old logs

Domain Time can automatically archive the text log on a daily, weekly, or monthly schedule.

    When the log is archived, all existing log events in the domtimes.log file will be written to an archive file named domtimes.YYYYMMDD.log (i.e. domtimes.20090928.log) and the current log file will then be cleared to accept new data.

    You can choose how many archived log files to keep on the machine. When the indicated limit is reached, the oldest log file will be deleted.

 

Next Proceed to the Windows Event Viewer page
Back Back to the Symmetric Keys page

Domain Time II Software distributed by Microsemi, Inc.
Documentation copyright © 1995-2024 Greyware Automation Products, Inc.
All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.