3013 - Timeout executing API request due to /manager/configuration/validation timeout

1,659 views
Skip to first unread message

Ranjith Kesavan

unread,
Jan 19, 2022, 8:25:34 AM1/19/22
to Wazuh mailing list


We are running Wazuh version 4.2.5 with around 700 custom rules and 10 custom decoder files. When we try to create/update any decoder/rule files, we get error 3013 - Timeout executing API request. The same issue discussed under thread API Timeout (google.com) . From api.log, I can see that the request failed with /manager/configuration/validation timeout 500. This was supposed to be fixed as per bug Fix GET /manager/configuration/validation timeout issue by CarlosRS9 · Pull Request #6635 · wazuh/wazuh (github.com) 

We have found the same issue with multiple Wazuh clusters. 

Request timeout is set to 400000 from Wazuh API Configuration

I was not able to find the option api_socket.settimeout(10) in framework/wazuh/core/manager.py file somehow.

Can you please have a look at this and suggest a fix:

 

Screenshot of the error:


Wazuh API Config:

 

Extract from api.log:

2022/01/19 11:18:58 INFO: wazuh-wui 127.0.0.1 "PUT /rules/files/0600-SentinelOne-decoder.xml" with parameters {"overwrite": "false"} and body {} done in 0.008s: 200

2022/01/19 11:18:58 INFO: wazuh-wui 127.0.0.1 "GET /cluster/status" with parameters {} and body {} done in 0.010s: 200

2022/01/19 11:19:09 INFO: wazuh-wui 127.0.0.1 "GET /cluster/configuration/validation" with parameters {} and body {} done in 11.204s: 500

2022/01/19 11:19:10 INFO: wazuh-wui 127.0.0.1 "GET /security/user/authenticate" with parameters {} and body {} done in 0.267s: 200

2022/01/19 11:19:10 INFO: wazuh-wui 127.0.0.1 "GET /manager/info" with parameters {} and body {} done in 0.027s: 200

2022/01/19 11:19:10 INFO: wazuh-wui 127.0.0.1 "GET /agents" with parameters {"agents_list": "000"} and body {} done in 0.008s: 200

2022/01/19 11:19:10 INFO: wazuh-wui 127.0.0.1 "GET /cluster/status" with parameters {} and body {} done in 0.009s: 200

2022/01/19 11:19:10 INFO: wazuh-wui 127.0.0.1 "GET /cluster/local/info" with parameters {} and body {} done in 0.007s: 200

2022/01/19 11:19:10 INFO: wazuh-wui 127.0.0.1 "DELETE /rules/files/0600-SentinelOne-decoder.xml" with parameters {} and body {} done in 0.008s: 200



Extract from ossec.log:

 

2022/01/19 11:56:29 sca: INFO: Loaded policy '/var/ossec/ruleset/sca/cis_debian10.yml'

2022/01/19 11:56:29 sca: INFO: Starting Security Configuration Assessment scan.

2022/01/19 11:56:29 wazuh-modulesd:database: INFO: Module started.

2022/01/19 11:56:29 wazuh-modulesd:download: INFO: Module started.

2022/01/19 11:56:29 wazuh-modulesd:control: INFO: Starting control thread.

2022/01/19 11:56:29 wazuh-modulesd:ciscat: INFO: Module disabled. Exiting...

2022/01/19 11:56:29 wazuh-modulesd:task-manager: INFO: (8200): Module Task Manager started.

2022/01/19 11:56:29 wazuh-modulesd:syscollector: INFO: Module started.

2022/01/19 11:56:29 wazuh-modulesd:syscollector: INFO: Starting evaluation.

2022/01/19 11:56:29 sca: INFO: Starting evaluation of policy: '/var/ossec/ruleset/sca/cis_debian10.yml'

2022/01/19 11:56:29 wazuh-modulesd:syscollector: INFO: Evaluation finished.

2022/01/19 11:56:29 wazuh-syscheckd: INFO: (6009): File integrity monitoring scan ended.

2022/01/19 11:56:30 wazuh-maild: CRITICAL: (1501): Invalid SMTP Server: smtp.example.wazuh.com

2022/01/19 11:56:55 rootcheck: INFO: Ending rootcheck scan.

2022/01/19 11:57:03 sca: INFO: Evaluation finished for policy '/var/ossec/ruleset/sca/cis_debian10.yml'

2022/01/19 11:57:03 sca: INFO: Security Configuration Assessment scan finished. Duration: 34 seconds.

2022/01/19 11:57:18 wazuh-analysisd: ERROR: (1231): Invalid NULL element in the configuration.

2022/01/19 11:57:18 wazuh-analysisd: CRITICAL: (1202): Configuration error at 'etc/decoders/0600-SentinelOne-decoder.xml'.

2022/01/19 11:57:52 wazuh-analysisd: ERROR: (1231): Invalid NULL element in the configuration.

2022/01/19 11:57:52 wazuh-analysisd: CRITICAL: (1202): Configuration error at 'etc/decoders/0600-SentinelOne-decoder.xml'.

2022/01/19 12:45:03 wazuh-analysisd[590785] debug_op.c:70 at _log(): DEBUG: Logging module auto-initialized

2022/01/19 12:45:03 wazuh-analysisd[590785] analysisd.c:375 at main(): DEBUG: Wazuh home directory: /var/ossec

2022/01/19 12:45:03 wazuh-analysisd[590785] analysisd.c:390 at main(): DEBUG: Found user/group ...

2022/01/19 12:45:03 wazuh-analysisd[590785] analysisd.c:397 at main(): DEBUG: Active response initialized ...

Message has been deleted

Alexis Rivas

unread,
Jan 19, 2022, 10:58:34 AM1/19/22
to Wazuh mailing list

Hi! hope you’re doing well.

There’re a few things to review here:

  • The 0600-SentinelOne-decoder.xml file is not properly formatted as we can see in the ossec.logs:
2022/01/19 11:57:18 wazuh-analysisd: ERROR: (1231): Invalid NULL element in the configuration.
2022/01/19 11:57:18 wazuh-analysisd: CRITICAL: (1202): Configuration error at 'etc/decoders/0600-SentinelOne-decoder.xml'.
2022/01/19 11:57:52 wazuh-analysisd: ERROR: (1231): Invalid NULL element in the configuration.
2022/01/19 11:57:52 wazuh-analysisd: CRITICAL: (1202): Configuration error at 'etc/decoders/0600-SentinelOne-decoder.xml'.

This file should be reviewed.

  • I assume the file 0600-SentinelOne-decoder.xml that you’re uploading to etc/rules via the API is a group of rules for the decoder previously mentioned.
2022/01/19 11:18:58 INFO: wazuh-wui 127.0.0.1 "PUT /rules/files/0600-SentinelOne-decoder.xml" with parameters {"overwrite": "false"} and body {} done in 0.008s: 200
  • I think the cluster validation is failing with a timeout because of all the custom rules that should be validated. The timeout value you’re looking for is timeout_api_exe from /var/ossec/framework/python/lib/python3.9/site-packages/wazuh-4.2.5-py3.9.egg/wazuh/core/cluster/cluster.json.

Please notice you can find it with:

# find -name 'cluster.json'
./framework/wazuh/core/cluster/cluster.json
./framework/python/lib/python3.9/site-packages/wazuh-4.2.5-py3.9.egg/wazuh/core/cluster/cluster.json
  • Finally, please provide me with more information about your environment. More precisely the number of workers and agents.

Regards,
Alexis

Ranjith Kesavan

unread,
Jan 19, 2022, 1:40:57 PM1/19/22
to Wazuh mailing list
Hello Alexis, 

Thanks for the quick response. 

I changed the values for "timeout_api_exe" to 60 and "timeout_cluster_request" to 120 in both cluster.json files, then restarted Wazuh-manager( and kibana) with no success. We still have the same issue with WUI timing out after 10 seconds with actions like Cluster restart and uploading decoder/rule files .  Still see  "GET /cluster/configuration/validation" failed with error code 500. 

My cluster runs the master and 3 workers with 140 agents. 

One question regarding your comment "I think the cluster validation is failing with a timeout because of all the custom rules that should be validated.". Does this apply to only decoders and rules applied to etc/rules and etc/decoders. Does adding the custom rules to ruleset/rules make any difference when it comes to validation and performance ? 

Current timeout values on cluster.json : 

    "intervals":{
        "worker": {
            "sync_integrity": 9,
            "sync_agent_info": 10,
            "sync_agent_info_ko_retry": 1,
            "keep_alive": 60,
            "connection_retry": 10,
            "max_failed_keepalive_attempts": 2
        },

        "master": {
            "recalculate_integrity": 8,
            "check_worker_lastkeepalive": 60,
            "max_allowed_time_without_keepalive": 120
        },

        "communication":{
            "timeout_cluster_request": 120,
            "timeout_api_request": 200,
            "timeout_api_exe": 60,
            "timeout_receiving_file": 120
        }


The decoder file which I am trying to upload only has the following decoder prematch to start with

<decoder name="sentinel-one">
    <prematch>\d+-\d+-\d+ \d\d:\d\d:\d\d,\d+ sentinel -..CEF.*SentinelOne\|</prematch>
    <type>syslog</type>
</decoder>


api.log after the change: 

2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /cluster/status" with parameters {} and body {} done in 0.009s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /cluster/local/info" with parameters {} and body {} done in 0.006s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /agents/summary/status" with parameters {} and body {} done in 0.013s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /cluster/status" with parameters {} and body {} done in 0.011s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /manager/info" with parameters {} and body {} done in 0.007s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /overview/agents" with parameters {} and body {} done in 0.020s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /cluster/nodes" with parameters {} and body {} done in 0.008s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /cluster/dragonmaster/status" with parameters {} and body {} done in 0.009s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /cluster/dragonmaster/info" with parameters {} and body {} done in 0.010s: 200
2022/01/19 18:24:56 INFO: wazuh-wui 127.0.0.1 "GET /agents" with parameters {"limit": "1", "sort": "-dateAdd", "q": "id!=000"} and body {} done in 0.010s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/nodes" with parameters {"select": "name"} and body {} done in 0.015s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/nodes" with parameters {"select": "name"} and body {} done in 0.009s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/dragonmaster/stats/analysisd" with parameters {"pretty": ""} and body {} done in 0.013s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/dragonmaster/stats/remoted" with parameters {"pretty": ""} and body {} done in 0.010s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/DRSOCMGR/stats/analysisd" with parameters {"pretty": ""} and body {} done in 0.024s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/DRSOCMGR/stats/remoted" with parameters {"pretty": ""} and body {} done in 0.031s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/HQSOCMGR/stats/analysisd" with parameters {"pretty": ""} and body {} done in 0.039s: 200
2022/01/19 18:25:00 INFO: wazuh-wui 127.0.0.1 "GET /cluster/HQSOCMGR/stats/remoted" with parameters {"pretty": ""} and body {} done in 0.062s: 200
2022/01/19 18:25:01 INFO: wazuh-wui 127.0.0.1 "GET /cluster/HZSOCMGR/stats/analysisd" with parameters {"pretty": ""} and body {} done in 0.820s: 200
2022/01/19 18:25:01 INFO: wazuh-wui 127.0.0.1 "GET /cluster/HZSOCMGR/stats/remoted" with parameters {"pretty": ""} and body {} done in 1.595s: 200
2022/01/19 18:25:18 INFO: wazuh-wui 127.0.0.1 "GET /cluster/configuration/validation" with parameters {} and body {} done in 10.053s: 500
2022/01/19 18:25:19 INFO: wazuh-wui 127.0.0.1 "GET /security/user/authenticate" with parameters {} and body {} done in 0.277s: 200
2022/01/19 18:25:19 INFO: wazuh-wui 127.0.0.1 "GET /manager/info" with parameters {} and body {} done in 0.029s: 200
2022/01/19 18:25:19 INFO: wazuh-wui 127.0.0.1 "GET /agents" with parameters {"agents_list": "000"} and body {} done in 0.009s: 200
2022/01/19 18:25:19 INFO: wazuh-wui 127.0.0.1 "GET /cluster/status" with parameters {} and body {} done in 0.009s: 200
2022/01/19 18:25:19 INFO: wazuh-wui 127.0.0.1 "GET /cluster/local/info" with parameters {} and body {} done in 0.007s: 200


ossec.log after restart: 

2022/01/19 18:23:06 wazuh-authd: INFO: Exiting...
2022/01/19 18:23:22 wazuh-csyslogd: INFO: Remote syslog server not configured. Clean exit.
2022/01/19 18:23:22 wazuh-dbd: INFO: Database not configured. Clean exit.
2022/01/19 18:23:22 wazuh-integratord: INFO: Remote integrations not configured. Clean exit.
2022/01/19 18:23:22 wazuh-agentlessd: INFO: Not configured. Exiting.
2022/01/19 18:23:22 wazuh-authd: INFO: Started (pid: 606987).
2022/01/19 18:23:22 wazuh-authd: INFO: Accepting connections on port 1515. No password required.
2022/01/19 18:23:22 wazuh-authd: INFO: Setting network timeout to 1.000000 sec.
2022/01/19 18:23:23 wazuh-db: INFO: Started (pid: 607005).
2022/01/19 18:23:24 wazuh-execd: INFO: Started (pid: 607028).
2022/01/19 18:23:25 wazuh-syscheckd: INFO: Started (pid: 607057).
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6003): Monitoring path: '/bin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6003): Monitoring path: '/boot', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6003): Monitoring path: '/etc', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6003): Monitoring path: '/sbin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6003): Monitoring path: '/usr/bin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6003): Monitoring path: '/usr/sbin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/mtab'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/hosts.deny'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/mail/statistics'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/random-seed'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/random.seed'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/adjtime'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/httpd/logs'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/utmpx'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/wtmpx'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/cups/certs'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/dumpdates'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6206): Ignore 'file' entry '/etc/svc/volatile'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6207): Ignore 'file' sregex '.log$|.swp$'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6004): No diff for file: '/etc/ssl/private.key'
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6000): Starting daemon...
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6010): File integrity monitoring scan frequency: 43200 seconds
2022/01/19 18:23:25 rootcheck: INFO: Starting rootcheck scan.
2022/01/19 18:23:25 wazuh-syscheckd: INFO: (6008): File integrity monitoring scan started.
2022/01/19 18:23:26 wazuh-remoted: INFO: Started (pid: 607073). Listening on port 1514/TCP (secure).
2022/01/19 18:23:26 wazuh-remoted: INFO: (1410): Reading authentication keys file.
2022/01/19 18:23:27 wazuh-logcollector: INFO: Monitoring output of command(360): df -P
2022/01/19 18:23:27 wazuh-logcollector: INFO: Monitoring full output of command(360): netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d
2022/01/19 18:23:27 wazuh-logcollector: INFO: Monitoring full output of command(360): last -n 20
2022/01/19 18:23:27 wazuh-logcollector: INFO: (1950): Analyzing file: '/var/ossec/logs/active-responses.log'.
2022/01/19 18:23:27 wazuh-logcollector: INFO: (1950): Analyzing file: '/var/log/auth.log'.
2022/01/19 18:23:27 wazuh-logcollector: INFO: (1950): Analyzing file: '/var/log/syslog'.
2022/01/19 18:23:27 wazuh-logcollector: INFO: (1950): Analyzing file: '/var/log/dpkg.log'.
2022/01/19 18:23:27 wazuh-logcollector: INFO: (1950): Analyzing file: '/var/log/kern.log'.
2022/01/19 18:23:27 wazuh-logcollector: INFO: Started (pid: 607104).
2022/01/19 18:23:28 wazuh-monitord: INFO: Started (pid: 607134).
2022/01/19 18:23:29 wazuh-modulesd: INFO: Started (pid: 607191).
2022/01/19 18:23:29 wazuh-modulesd:agent-upgrade: INFO: (8153): Module Agent Upgrade started.
2022/01/19 18:23:29 wazuh-modulesd:ciscat: INFO: Module disabled. Exiting...
2022/01/19 18:23:29 wazuh-modulesd:osquery: INFO: Module disabled. Exiting...
2022/01/19 18:23:29 sca: INFO: Module started.
2022/01/19 18:23:29 sca: INFO: Loaded policy '/var/ossec/ruleset/sca/cis_debian10.yml'
2022/01/19 18:23:29 wazuh-modulesd:database: INFO: Module started.
2022/01/19 18:23:29 sca: INFO: Starting Security Configuration Assessment scan.
2022/01/19 18:23:29 wazuh-modulesd:download: INFO: Module started.
2022/01/19 18:23:29 wazuh-modulesd:control: INFO: Starting control thread.
2022/01/19 18:23:29 wazuh-modulesd:task-manager: INFO: (8200): Module Task Manager started.
2022/01/19 18:23:29 wazuh-modulesd:syscollector: INFO: Module started.
2022/01/19 18:23:29 wazuh-modulesd:syscollector: INFO: Starting evaluation.
2022/01/19 18:23:29 sca: INFO: Starting evaluation of policy: '/var/ossec/ruleset/sca/cis_debian10.yml'
2022/01/19 18:23:29 wazuh-syscheckd: INFO: (6009): File integrity monitoring scan ended.
2022/01/19 18:23:30 wazuh-modulesd:syscollector: INFO: Evaluation finished.
2022/01/19 18:23:30 wazuh-analysisd: INFO: Total rules enabled: '262745'
2022/01/19 18:23:30 wazuh-analysisd: INFO: Started (pid: 607048).
2022/01/19 18:23:30 wazuh-analysisd: INFO: (7200): Logtest started
2022/01/19 18:23:31 wazuh-maild: CRITICAL: (1501): Invalid SMTP Server: smtp.example.wazuh.com
2022/01/19 18:23:51 rootcheck: INFO: Ending rootcheck scan.
2022/01/19 18:24:04 sca: INFO: Evaluation finished for policy '/var/ossec/ruleset/sca/cis_debian10.yml'
2022/01/19 18:24:04 sca: INFO: Security Configuration Assessment scan finished. Duration: 35 seconds.

Ranjith Kesavan

unread,
Jan 19, 2022, 2:11:56 PM1/19/22
to Wazuh mailing list
Alexis.. You are the savior. The issue is fixed after setting the timeout values on all the nodes. We have been working on this for quite some time and got the fix now. 

Alexis Rivas

unread,
Jan 19, 2022, 2:43:24 PM1/19/22
to Wazuh mailing list

Hi again,

Does adding the custom rules to ruleset/rules make any difference when it comes to validation and performance ?

Yes, indeed. All custom rules and decoders will be validated in the cluster validation process.

The issue is fixed after setting the timeout values on all the nodes.

Glad to hear that!

Regards,
and thanks for using Wazuh!

CJK

unread,
Nov 4, 2024, 2:07:46 AM11/4/24
to Wazuh | Mailing List
Hi Team,

I am also having a similar issue in wazuh 4.7 cluster setup. While i try to update decoder or configuration file from GUI the error repeats. On API request /cluster/configuration/validation timeout - 
In GUI this error  is shown --

Wazuh API error: ERR_BAD_RESPONSE - Timeout executing API request
AxiosError: Wazuh API error: ERR_BAD_RESPONSE - Timeout executing API request
    at settle (https://173.23.26.xxx/47502/bundles/plugin/wazuh/wazuh.plugin.js:8:20234)
    at XMLHttpRequest.onloadend (https://173.23.26.xxx/47502/bundles/plugin/wazuh/wazuh.plugin.js:8:25708)

While i check API connectivity & status on GUI no issues identified. wazuh-clusterd -t is fine, I checked the timeout config in cluster.json on both manager node and worker node both have the below config

"communication":{
            "timeout_cluster_request": 20,
            "timeout_dapi_request": 200,
            "timeout_receiving_file": 120,
            "max_zip_size": 1073741824,
            "min_zip_size": 31457280,
            "compress_level": 1,
            "zip_limit_tolerance": 0.2 :

I also tried to call this API request in curl by creation a token with the below format and same Timeout/Bad response error received

curl -k -X GET "https://172.23.21.xxx:55000/cluster/configuration/validation" -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d '{"method": "GET", "path": "/cluster/configuration/validation", "body": {}, "id": "default"}'

Can anyone help me to fix this issue..?

Api.log
Api log1 config apply from GUI.png 
 
AppLogMessage.png
Reply all
Reply to author
Forward
0 new messages