SphereShield proxy solution is involved in 2 processes
A proxy server capturing Teams traffic between the client and the cloud
Scripts injection from Agat cloud directly to the client
Possible issues
User can’t sign in to Teams
Slow sign in process
Slowness in messages reaching destination
Slowness joining meetings \ user can’t join meetings
Issues (1) and (2) can be server\database issue or script injection issue
Issues (3) and (4) are probably server\database issues
Collecting logs for issues (1) or (2)
Browse C:\Agat\Bastion\filters\fw_proxy
Edit Teams_Protector.xml; <severity>debug</severity>
3. Save
4. Restart Bastion service
5. Reproduce issue
Collect server logs:
D:\Agat\Logs\Teams_Protector - Collect the current log. If no current log there, enter “Archive” folder and collect the last modified one
D:\Agat\Logs\InternalServicesAPI - Collect the current log
D:\Agat\Logs\InternalServicesAPI\EW_InternalServicesAPI - Collect the current log (For Ethical Wall solution)
D:\Agat\Logs\InternalServicesAPI\DLP_InternalServicesAPI - Collect the current log (For DLP solution)
Collect client logs:
Gathering Teams Client Logs to Send to AGAT
Prepare logs to Agat:
Comperes server and client logs
Enter ticket number (password will be provided by Agat)
Upload compressed file
In the ticket you open to Agat specify username and time of issue as well as screenshots if available
Collecting logs for issues (3) or (4)
Browse C:\Agat\Bastion\filters\fw_proxy
Edit Teams_Protector.xml; <severity>debug</severity>
3. Save
4. Restart Bastion service
5. Reproduce issue
Collect server logs:
D:\Agat\Logs\Teams_Protector - Collect the current log. If no current log there, enter “Archive” folder and collect the last modified one
D:\Agat\Logs\InternalServicesAPI - Collect the current log
D:\Agat\Logs\InternalServicesAPI\EW_InternalServicesAPI - Collect the current log (For Ethical Wall solution)
D:\Agat\Logs\InternalServicesAPI\DLP_InternalServicesAPI - Collect the current log (For DLP solution)