Log Files

The Service Virtualization application logs include messages related to each of the Service Virtualization software components - Designer, Server, and Service Virtualization Management, as well as related backup and restore, installation, and licensing logs.

Open logs

You can access the Service Virtualization logs from the Windows Start menu, under Service Virtualization Designer/Server > Designer/Server Log Folder.

Back to top

Log locations for Windows

  • Designer:

    %APPDATA%\Micro Focus\Service Virtualization Designer\logs

  • Server:

    %ALLUSERSPROFILE%\Micro Focus\Service Virtualization Server\logs

Back to top

Log locations for Linux

  • RPM


  • TAR


Back to top

Configure logging

Messages are written to the log files based on the log levels that are defined in the application configuration files. Log levels include WARN, DEBUG, INFO, and ERROR.

You can change log levels using the Service Virtualization configuration files:

  • Service Virtualization Server configuration file:


  • Designer configuration file:


Changes made to the logging configuration are effective immediately, and do not require an application restart. To disable the ability to make changes without restarting the application, locate the following line in the configuration file and set the value to False:

<add key="log4net.Config.Watch" value="True"/>

Back to top

Audit logging for security events

By default, the security log entries are logged to the standard text log files for the Service Virtualization Server and Service Virtualization Management. The security log entries are also written to the server Problem list in Service Virtualization Management, which can be filtered for this type of entry.

You can configure a separate security audit log for the Service Virtualization Server and for Service Virtualization Management. The security log entry always starts with the "[Security]" keyword. Based on this keyword, the entries can be optionally filtered to dedicated separate security log files. There is a log4net appender preconfigured to generate the security log files.

Configure a separate security log file

To activate the appender, uncomment the following section in the below mentioned configuration files:

  • For Service Virtualization Server: HP.SV.StandaloneServer.exe.config (HP.SV.StandaloneServer.dll.config on Linux)

  • For Service Virtualization Manager: HP.SV.ServiceVirtualizationManager.exe.config (HP.SV.ServiceVirtualizationManager.dll.config on Linux)

Copy code
    <level value="WARN" />
    <appender-ref ref="LogConsoleAppender" />
    <appender-ref ref="LogFileAppender" />
    <appender-ref ref="ServerProblemMessageLogAppender" />
    <!-- Enable separate security log -->
    <!--appender-ref ref="SecurityLogFileAppender" /-->

To customize the security log file configuration, modify the following appender definition:

Copy code
<appender name="SecurityLogFileAppender" type="log4net.Appender.RollingFileAppender">
  <file value="${ALLUSERSPROFILE}\Micro Focus\Service Virtualization Server\logs\HP.SV.StandaloneServer.Security.log" />
  <appendToFile value="true" />
  <rollingStyle value="Date" />
  <datePattern value="yyyyMMdd" />
  <maxSizeRollBackups value="365" />
  <layout type="log4net.Layout.PatternLayout">
    <param name="ConversionPattern" value="%date %-5level [%thread] %logger %method:%line %message%newline" />
  <filter type="log4net.Filter.StringMatchFilter">
    <stringToMatch value="[SECURITY]" />
    <acceptOnMatch value="true" />
  <filter type="log4net.Filter.DenyAllFilter" />

The following security events are logged:

Service Virtualization Server
  • Permissions that are granted, revoked, or updated for a user by another user (for example, by admin). It logs which user performed the action, the user's IP, the permission granted, revoked, or updated, and the object ID and type (Service, Agent, Collection of Services, Server Agent List).

  • Logged messages that are deleted from the server Problem list. It logs the user name and IP of the user that deleted the message, and the deleted message IDs (when deleted selectively).

Service Virtualization Management
  • Login succeeded for a user.

  • Login or authentication failed for a user.

  • Logout failed for a user.

The user name and IP of the user is logged, together with details of the failure (if available).

Back to top