Description
This article describes how to use Teraterm to generate long term log files.
Scope
FortiAP, Teraterm version 4.
Solution
Sometimes, TAC needs to monitor for extended periods, running a series of diagnostic commands every certain amount of time to get device status until certain conditions occur before a problem can be detected.
Generating a single SSH log file will be difficult as it may fail due to the diagnostic computer resources (RAM, storage) being exhausted before gathering any useful information. In this case, generating an automatic log file every few megabytes can prevent this issue and generate log files with an appropriate size for easier analysis and sharing with other teams, also it will control and free up RAM usage on diagnose computer.
Follow the steps below:
- In the Setting menu, find the additional setting Enable the following functions for logging:
- Log rotation: Log rotation is enabled. The extension of the rotated file will be added .1, .2, .3, etc.
- Size: The log file will be rotated if it becomes larger than Size bytes. If Size is followed by KB, the size is assumed to be in kilobytes. If MB is used, the size is in megabytes.
- Rotate: The log file will be rotated before it is removed. If Rotate is 0, the old version will not be removed and will not be rotated.
Set log rotation enabled with size 10 Mbytes and rotation set to 0.
Note:
Test these settings first by configuring a small file size like 100k and check if the settings are correct. Then change to the intended file size.
Under the Logging Options submenu, set log options Append, Plain Text, and enable timestamp with local time.
- Log in to the FortiAP go to Control menu -> Macro on the Teraterm application menu and load a script.
As an example, a script for a FortiAP has been developed, ap-ext-mon.ttl, to make it easier to run a script on the FortiAP.
It will disable the admin timeout timer, show the current status on FortiAP, and clear old kernel panic records, then start to run in an endless loop with some commands to monitor. It will end when the ssh session is disconnected or when user manually stops it. It will open second window to control script execution.
Use this script as an example to create custom scripts.
; ---- variable to edit ---
pausetime = 1 ; seconds before restarting command list
pauseentre = 2 ; seconds before executing each command
; ---- don't edit under this line ----
sendln 'cfg -a ADMIN_TIMEOUT=0'
pause pauseentre
sendln 'cfg -c'
pause pauseentre
sendln 'fap-get-status'
pause pauseentre
sendln 'kpr'
pause pauseentre
while 1
sendln 'date'
pause pauseentre
sendln 'ut'
pause pauseentre
sendln 'perf'
pause pauseentre
sendln 'wcfg'
pause pauseentre
sendln 'rcfg'
pause pauseentre
sendln 'vcfg'
pause pauseentre
sendln 'sta'
pause pauseentre
sendln 'usta'
pause pauseentre
sendln 'apscan'
pause pauseentre
sendln 'stascan'
pause pauseentre
sendln 'brctl show'
pause pauseentre
sendln 'arp -an'
pause pauseentre
sendln 'ifconfig eth0'
pause pauseentre
sendln 'ifconfig br0'
pause pauseentre
sendln 'kp'
pause pauseentre
pause pausetime
endwhile
- Leave it running and leave it unattended. At the end of the day, check the FortiGate GUI Wifi event log and check relevant events (like 'physical ap fail').
Look at the Wifi event logs and filter by FortiAP NAME or Serial to know about the time the problem has happened. If monitoring another device, it is also possible to use the device log to find relevant events and then use the date and time on log entries to find relevant log files.
Upload to Ticket the first generated file from both sessions and files generated around the time the problem was registered and export Filtered FortiAp WIFI event logs to a file and attach it for analysis.
Note:
Share the first generated files with TAC in advance to check if everything is set up properly before you start logging, it could be useful to make sure all requested information is generated.
