Does OPSWAT Central Manager have a PowerShell Transcription?

Background:

• PowerShell Transcription Logging: Windows automatically logs all executed PowerShell scripts when transcription is enabled. For more details, refer to the Microsoft PowerShell documentation.

• OCM Dependency on PowerShell: OCM v7 leverages PowerShell for various functions. As a result, the PowerShell scripts running within OCM are logged by Windows. More information on system requirements and software dependencies can be found in the OPSWAT documentation.

Log Management Recommendations:

While the PowerShell transcription logging system is crucial for monitoring activities, the accumulation of log files over time may lead to storage concerns. The following recommendations help maintain an optimal logging environment:

1. Windows-Side Log Rotation/Cleanup

• Location: The PowerShell transcription logs typically are stored in a user-defined or administrator-configured directory such as C:\Users<UserName>\Documents\PowerShell_Transcripts

• Action: Since OCM does not directly interact with the Transcript folder, set up a Windows-side task (using Task Scheduler, a custom script, or a third-party tool) to rotate and clean up the log files periodically. This helps prevent the folder from growing excessively over time.

2. Adjusting OCM’s PowerShell Job Intervals

To reduce the logging frequency from the OPSWAT Central Manager components, you can adjust the interval at which specific PowerShell jobs run. This involves modifying the OCM configuration file.

Steps to Modify Logging Intervals:

1. Locate the Configuration File: The file is located at: <System Drive>\ProgramData\OPSWAT\Central\config.properties

2. Update the Service Check Interval:

• Purpose: This interval controls how often the OCM Windows service performs a health check on its components and restarts them if necessary.
• Configuration: Add the following line to the file: service_interval=30000

This sets the service check interval to 30,000 milliseconds (30 seconds). By default, if not specified, this value is 10,000 milliseconds (10 seconds).

3. Update the Tray Icon Notification Check Interval:

• Purpose: This interval dictates how frequently the OCM tray icon updates its status notifications.

• Configuration: Add the following line to the file: notification_interval=30000 This sets the notification update interval to 30,000 milliseconds (30 seconds). The default is also 10,000 milliseconds (10 seconds) if not set.

4. Restart OPSWAT Central Manager:

• After saving the changes to config.properties, restart the OPSWAT Central Manager service. This ensures that the new intervals take effect immediately.

Conclusion:

By implementing a Windows-side log rotation task for the transcript folder and adjusting the PowerShell job intervals in the OCM configuration file, you can efficiently manage the transcription log files generated by Windows. These measures help maintain system performance and prevent excessive log accumulation while ensuring that the critical logging functionality remains active for auditing and troubleshooting purposes.