Hi Mary-Ellen,

The log is encrypted, but only Cisco personnel (TAC or the Business 
Unit) can decrypt it.

I know that in some instances it could assist in troubleshooting, but it 
also contains sensitive information about CAS to agent communications, 
which if found out could compromise the agent. So that is why it is 
encrypted and no tool exists for customers to decrypt.

HTH,

Nate

Mary-Ellen Ide wrote:
>
> Hi Everyone,
>
> I noticed the agent stores an event log called “event.log” in 
> C:\Documents and Settings\user\Application Data\CiscoCAA
>
> If I open it, it is not readable. I thought it looked like it could be 
> base64 encoded so I tried decoding it but it didn’t work. I also tried 
> a few other decodes.
>
> Does anyone know how I can read this file? Is there a Cisco utility I 
> need to download to read it?
>
> Thanks!
>
> Mary
>
> Mary Ide
>
> Internet Security Engineer
>
> Johnson & Wales University
>
> SANS GCIH #1794
>
> SANS GWAS #1728
>
> [log in to unmask] <BLOCKED::mailto:[log in to unmask]>
>