There are two types of diagnostics logs, the first is for the Management portal diagnostics and and the second is for Reports generation diagnostics:
A. Enable debug for the Management Portal
1. Edit the 'Web.Config' file which is located in the following path:
%PROGRAMFILES%\One Identity\Defender\Management Portal\WWW
2. In the "Web.Config" file, search and edit the following line changing ‘ERROR’ to ‘DEBUG’
< level value="ERROR" >
< appender-ref ref="RollingLogFileAppender" >
3. Go to the logs directory and right click to select properties:
View the 'Properties' page for the 'Logs' folder.
4. On the 'Security' tab ensure that the Management Portal service account (configured in http://server/Admin | Configuration | Service Account ) has read / write permissions.
5. Reproduce the issue
6. After replicating the issue, the debug log will be saved as DefenderWeb.txt file in one of the below directories depends on the Defender version installed:
%PROGRAMFILES%\One Identity\Defender\Management Portal\Logs
B. Enabling additional diagnostics for Reports:
1. Edit 'mappath.ini', which is located in following path
%PROGRAMFILES%\One Identity\Defender\Management Portal\WWW\Areas\Reports\Generators
Add a new value as below:
[Diagnostics]
Enabled=1
2. Login to the Management Portal and run the report in question selecting the relevant DSS name from the 'DSS Name' listing.
3. The trace file (DefenderReports-6.x.x.xxxx.txt) is written to the following path:
%PROGRAMDATA%\One Identity\Defender\Diagnostics