Session logging in PuTTY preserves a local transcript of interactive terminal work for troubleshooting, compliance audits, and sharing reproducible command output.
PuTTY writes log data on the local Windows system using options in the Session → Logging panel. The selected logging mode controls whether a clean, readable text transcript is stored, whether terminal control characters are also captured, or whether low-level SSH protocol packets are recorded for debugging.
Log files often contain sensitive material such as commands, hostnames, and application output, and SSH packet logs can expose credentials when password authentication is used. Store logs in a controlled directory, use unique filenames to avoid overwriting, and prefer Printable output unless terminal control troubleshooting requires All session output.
None disables log file creation, Printable output is the typical choice for readable transcripts, and All session output includes terminal control codes for display/debug analysis.
SSH packets and SSH packets and raw data are intended for protocol-level debugging and can record sensitive fields; treat packet logs as secrets and avoid sharing unredacted files.
C:\puttylogs\putty-&H-&Y&M&D-&T.log
PuTTY replaces &H (host), &P (port), &Y (year), &M (month), &D (day), and &T (time) to generate unique filenames per connection.
Always overwrite it replaces the previous log, Always append to the end of it keeps a continuous file, and Ask the user every time prompts on each connection.
Frequent flushing reduces the chance of losing recent output on unexpected termination, at the cost of additional disk writes.
Omission options only affect SSH packet logging modes and help reduce sensitive material in logs intended for external review.
If no file is created, re-check that the logging mode is not None and that the directory in the log file path exists and is writable.