Identity Collector - Debug

How to debug Identity Collector

The Identity CollectorClosed Check Point dedicated client agent installed on Windows Servers in your network. Identity Collector collects information about identities and their associated IP addresses, and sends it to the Check Point Security Gateways for identity enforcement. For more information, see sk108235. You can download the Identity Collector package from sk134312. has two main components:

  1. User Interface - The frontend of the application is responsible for the graphical user interface (GUI) and passes the communication of data to the backend (Service).

  2. Service - Executes the IDC logic, such as establishes communication with identity sources and gateways, filtering, parsing, and more.

In most cases, the debugging should be enabled on the service side.

Note - In Windows 2016, debugs are located in C:\Temp (not C:\Windows\Temp).

User Interface debug:

  • File location - C:\Windows\Temp\ia_idcgui_X.log, where "X is an index.

  • To increase the default debug level, change the registry value to 0: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\CheckPoint\IdentityCollector\GUILoggerLevel

Service debug:

  • File location - C:\Windows\Temp\ia_ag.log* (should be up to 10 files).

  • The default debug level is "Events". To change it, go to the Identity Collector Application > Settings > Debugging.

ISE integration debug:

  • File location - C:\Windows\Temp\ia_ise_extension.log* (should be up to 10 files).

  • The pxGrid entry point function for new events from the ISE Server is the onChange function.

DMP files:

  • File location - If the Identity Collector crashes, collect the required dump files from C:\Windows\Temp\IDCLogs\

  • Each crash creates log files, which include the required information.

Database files:

  • File location - %PROGRAMDATA%\CheckPoint\IdentityCollector

  • For a replication, upload this folder or run Export Configuration in the Identity Collector application.