• John R Raffield
    0
    Looking for assistance with the remote logs.
    Attached is a segment on the day in question. I know what the "ResetPassword" lines are, those entries are when someone either clicks the icon to switch up the password (must be physically at the machine to to do that), or when the program is started, which the program automatically does.
    Basically I am trying to figure out if during the 03:22 time frame if someone was remotely connected to the machine for any period of time.
    I wish there was a remote IP address associated with a successful remote session, but to me it appears that they are all running through the amazon IP or cloud service.
    Any assistance would be greatly appreciated - even if it was just documentation that I could read about the logging features of Remote Assistant.
    Thank you,
    JR

    Attachment
    Remote Assistant_segment.log (9K)
  • John R Raffield
    0
    I am just posting the contents of the txt file above so that no one has to download something (if that was a concern)... I'm enclosing it as code because it was cleaner looking than a quote.

    2020-06-11 03:19:54,055 [RA_COMMON.1820] [98] NOTICE - SioService.SioCore.ClearSocketId: 7k92jHwGtRwVpvn1AB08
    2020-06-11 03:19:54,058 [RA_SERVICE.1820] [98] NOTICE - Service 810776535 SioState changed: Disconnected
    2020-06-11 03:19:54,061 [RA_SERVICE.1820] [98] NOTICE - SioService.OnSocketDisconnect: transport error
    2020-06-11 03:19:55,418 [RA_COMMON.500] [14] NOTICE - SioServer.SioCore.ClearSocketId: OaLF0ctUDm69olllAAMH
    2020-06-11 03:19:55,418 [RA_SERVER.500] [14] NOTICE - Server 810776535 state changed: Disconnected transport error
    2020-06-11 03:19:55,423 [RA_DIRECTCONN.500] [14] NOTICE - TcpServer 192.168.254.12:5975 on 192.168.254.12:5975 disconnected
    2020-06-11 03:19:55,426 [RA_COMMON.500] [14] NOTICE - SioSound.SioCore.Disconnect call rWwU21cqFO7mFK3DAB8H, 
    2020-06-11 03:19:55,529 [RA_COMMON.500] [14] ERROR - SioSound.OnDisconnect: io client disconnect
    2020-06-11 03:19:55,529 [RA_COMMON.500] [14] NOTICE - SioSound.SioCore.ClearSocketId: rWwU21cqFO7mFK3DAB8H
    2020-06-11 03:20:24,092 [RA_SERVICE.1820] [117] NOTICE - Service reconnection attempt...
    2020-06-11 03:20:24,092 [RA_SERVICE.1820] [117] NOTICE - Service 810776535 SioState changed: ConnectionInProgress
    2020-06-11 03:20:24,094 [RA_COMMON.1820] [117] NOTICE - SioService.SioCore.Connect to https://connect.ra.cloudberrylab.com:443
    2020-06-11 03:20:24,372 [RA_COMMON.1820] [66] NOTICE - SioService.SioCore.SetSocketId: n2l7FjrU34KzxE0IK-Qo
    2020-06-11 03:20:24,372 [RA_SERVICE.1820] [66] NOTICE - Service 810776535 SioState changed: Connected
    2020-06-11 03:20:24,373 [RA_SERVICE.1820] [66] NOTICE - Service 810776535 SioState changed: RegisterInProgress
    2020-06-11 03:20:24,408 [RA_SERVICE.1820] [10] NOTICE - SioService.OnRegisterService located at 18.216.238.135:443, us-east-2
    2020-06-11 03:20:24,408 [RA_SERVICE.1820] [10] NOTICE - Service 810776535 SioState changed: Registered
    2020-06-11 03:20:25,428 [RA_SERVER.500] [116] NOTICE - Server reconnection attempt...
    2020-06-11 03:20:25,428 [RA_SERVER.500] [116] NOTICE - Server 810776535 state changed: ConnectionInProgress 
    2020-06-11 03:20:25,428 [RA_COMMON.500] [116] NOTICE - SioServer.SioCore.Connect to https://connect.ra.cloudberrylab.com:443
    2020-06-11 03:20:25,599 [RA_COMMON.500] [150] NOTICE - SioServer.SioCore.SetSocketId: RGBXV1LLZzunEapNK-Qq
    2020-06-11 03:20:25,599 [RA_SERVER.500] [150] NOTICE - Server 810776535 state changed: Connected 
    2020-06-11 03:20:25,599 [RA_COMMON.500] [15] NOTICE - AwsGeoStatistics evaluated. us-east-2: 32 ms; us-east-1: 36 ms; us-west-1: 41 ms; ca-central-1: 48 ms; us-west-2: 56 ms; eu-west-2: 111 ms; eu-west-3: 114 ms; eu-west-1: 117 ms; eu-central-1: 120 ms; sa-east-1: 142 ms; ap-northeast-1: 151 ms; eu-north-1: 151 ms; ap-northeast-3: 156 ms; ap-southeast-2: 179 ms; ap-northeast-2: 181 ms; ap-south-1: 231 ms; ap-southeast-1: 239 ms; cn-north-1: 253 ms; cn-northwest-1: 290 ms
    2020-06-11 03:20:25,600 [RA_SERVER.500] [150] NOTICE - Server 810776535 state changed: RegisterInProgress 
    2020-06-11 03:20:25,653 [RA_SERVER.500] [55] NOTICE - SioServer.OnRegisterServer located at 18.216.238.135:443, us-east-2
    2020-06-11 03:20:25,655 [RA_SERVER.500] [55] NOTICE - ResetPassword completed: 2994
    2020-06-11 03:20:25,656 [RA_SERVER.500] [55] NOTICE - Server 810776535 state changed: Registered 
    2020-06-11 03:20:25,656 [RA_DIRECTCONN.500] [169] NOTICE - TcpServer 192.168.254.12:5975 is connected to 192.168.254.12:5975
    2020-06-11 03:20:25,663 [RA_DIRECTCONN.500] [169] NOTICE - TcpServer 0.0.0.0:0 is connected to 0.0.0.0:54176
    2020-06-11 03:20:25,676 [RA_COMMON.500] [55] NOTICE - SioSound.SioCore.Connect to https://connect.ra.cloudberrylab.com:443
    2020-06-11 03:20:25,816 [RA_COMMON.500] [150] NOTICE - SioSound.SioCore.SetSocketId: IICeZ8btiWbb0UUfK-Qt
    2020-06-11 03:20:26,081 [RA_DIRECTCONN.500] [169] ERROR - RaRouterChannelsControl.OpenChannel failed: One or more errors occurred.
    2020-06-11 03:20:26,092 [RA_DIRECTCONN.500] [169] NOTICE - TcpServer 0.0.0.0:0 on 0.0.0.0:54176 disconnected
    2020-06-11 03:22:25,788 [RA_COMMON.1820] [78] NOTICE - SioService.SioCore.ClearSocketId: n2l7FjrU34KzxE0IK-Qo
    2020-06-11 03:22:25,788 [RA_SERVICE.1820] [78] NOTICE - Service 810776535 SioState changed: Disconnected
    2020-06-11 03:22:25,788 [RA_SERVICE.1820] [78] NOTICE - SioService.OnSocketDisconnect: transport error
    2020-06-11 03:22:26,916 [RA_COMMON.500] [97] ERROR - SioSound.OnDisconnect: transport error
    2020-06-11 03:22:26,917 [RA_COMMON.500] [97] NOTICE - SioSound.SioCore.ClearSocketId: IICeZ8btiWbb0UUfK-Qt
    2020-06-11 03:22:27,906 [RA_COMMON.500] [97] NOTICE - SioServer.SioCore.ClearSocketId: RGBXV1LLZzunEapNK-Qq
    2020-06-11 03:22:27,907 [RA_SERVER.500] [97] NOTICE - Server 810776535 state changed: Disconnected transport error
    2020-06-11 03:22:27,907 [RA_DIRECTCONN.500] [97] NOTICE - TcpServer 192.168.254.12:5975 on 192.168.254.12:5975 disconnected
    2020-06-11 03:22:55,798 [RA_SERVICE.1820] [48] NOTICE - Service reconnection attempt...
    2020-06-11 03:22:55,798 [RA_SERVICE.1820] [48] NOTICE - Service 810776535 SioState changed: ConnectionInProgress
    2020-06-11 03:22:55,798 [RA_COMMON.1820] [48] NOTICE - SioService.SioCore.Connect to https://connect.ra.cloudberrylab.com:443
    2020-06-11 03:22:56,964 [RA_COMMON.1820] [78] NOTICE - SioService.SioCore.SetSocketId: WaBKi3cBmqT6Ml06K-Ux
    2020-06-11 03:22:56,965 [RA_SERVICE.1820] [78] NOTICE - Service 810776535 SioState changed: Connected
    2020-06-11 03:22:56,965 [RA_SERVICE.1820] [78] NOTICE - Service 810776535 SioState changed: RegisterInProgress
    2020-06-11 03:22:56,997 [RA_SERVICE.1820] [16] NOTICE - SioService.OnRegisterService located at 18.216.238.135:443, us-east-2
    2020-06-11 03:22:56,997 [RA_SERVICE.1820] [16] NOTICE - Service 810776535 SioState changed: Registered
    2020-06-11 03:22:57,919 [RA_SERVER.500] [158] NOTICE - Server reconnection attempt...
    2020-06-11 03:22:57,919 [RA_SERVER.500] [158] NOTICE - Server 810776535 state changed: ConnectionInProgress 
    2020-06-11 03:22:57,919 [RA_COMMON.500] [158] NOTICE - SioServer.SioCore.Connect to https://connect.ra.cloudberrylab.com:443
    2020-06-11 03:22:58,090 [RA_COMMON.500] [34] NOTICE - SioServer.SioCore.SetSocketId: esuHH-SFXhF7HfxxK-U1
    2020-06-11 03:22:58,091 [RA_SERVER.500] [34] NOTICE - Server 810776535 state changed: Connected 
    2020-06-11 03:22:58,091 [RA_COMMON.500] [187] NOTICE - AwsGeoStatistics evaluated. us-east-2: 32 ms; us-east-1: 36 ms; us-west-1: 41 ms; ca-central-1: 48 ms; us-west-2: 56 ms; eu-west-2: 111 ms; eu-west-3: 114 ms; eu-west-1: 117 ms; eu-central-1: 120 ms; sa-east-1: 142 ms; ap-northeast-1: 151 ms; eu-north-1: 151 ms; ap-northeast-3: 156 ms; ap-southeast-2: 179 ms; ap-northeast-2: 181 ms; ap-south-1: 231 ms; ap-southeast-1: 239 ms; cn-north-1: 253 ms; cn-northwest-1: 290 ms
    2020-06-11 03:22:58,091 [RA_SERVER.500] [34] NOTICE - Server 810776535 state changed: RegisterInProgress 
    2020-06-11 03:22:58,124 [RA_SERVER.500] [103] NOTICE - SioServer.OnRegisterServer located at 18.216.238.135:443, us-east-2
    2020-06-11 03:22:58,125 [RA_SERVER.500] [103] NOTICE - ResetPassword completed: 2118
    2020-06-11 03:22:58,125 [RA_SERVER.500] [103] NOTICE - Server 810776535 state changed: Registered 
    2020-06-11 03:22:58,125 [RA_DIRECTCONN.500] [20] NOTICE - TcpServer 192.168.254.12:5975 is connected to 192.168.254.12:5975
    2020-06-11 03:22:58,126 [RA_DIRECTCONN.500] [20] NOTICE - TcpServer 0.0.0.0:0 is connected to 0.0.0.0:54314
    2020-06-11 03:22:58,127 [RA_COMMON.500] [103] NOTICE - SioSound.SioCore.Connect to https://connect.ra.cloudberrylab.com:443
    2020-06-11 03:22:58,287 [RA_COMMON.500] [103] NOTICE - SioSound.SioCore.SetSocketId: jvAk1o3uhZOCaZ53K-U3
    2020-06-11 03:22:58,512 [RA_DIRECTCONN.500] [20] ERROR - RaRouterChannelsControl.OpenChannel failed: One or more errors occurred.
    2020-06-11 03:22:58,512 [RA_DIRECTCONN.500] [20] NOTICE - TcpServer 0.0.0.0:0 on 0.0.0.0:54314 disconnected
    2020-06-11 15:07:48,459 [RA_WPF.10612] [1] NOTICE - **********************************************************************************************************
    2020-06-11 15:07:48,477 [RA_WPF.10612] [1] NOTICE - Program started as standalone, none-managed. Build: 2.2.0.51, FIRM-05/user
    2020-06-11 15:07:48,478 [RA_WPF.10612] [1] NOTICE - Command line args: 
    2020-06-11 15:07:48,478 [RA_WPF.10612] [1] NOTICE - Running mode: OnSecureDesktop=False, AutoStart=False
    2020-06-11 15:07:48,500 [RA_COMMON.10612] [1] NOTICE - RaStartSupport.SetStartupEvent: Name=Global\RA-user
    2020-06-11 15:07:48,514 [RA_COMMON.10612] [1] NOTICE - Generated external request Restore
    2020-06-11 15:07:49,385 [RA_COMMON.500] [34] NOTICE - Got external request: Restore
    2020-06-11 15:07:51,514 [RA_WPF.10612] [1] NOTICE - Program terminated. Application is already running
  • David GugickAccepted Answer
    118
    I've reached out to the engineer team and hope to hear back soon.
  • Sergey N
    26
    Hello John,

    Nope, there were no connections. You see constant disconnects of the software from the endpoint server. Perhaps due to the connection drops.
  • John R Raffield
    0
    @Sergey N
    @David Gugick
    Thank you both for responding....
    One more question - will the logs ever actually show the IP address when a remote session is initiated or one that fails.
    Thank you - JR
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment