In this scenario, a single user (sftpuser) who belongs to group (sftp) has been created, and the sshd_config on the SFTP Server (Ubuntu-based) has already been modified so the Home Directory for sftpuser is /home. Sample config:

During the investigation on the TAC ticket, it is sometimes required to gather coredump files from specific daemons that are having issues on the FortiAnalyzer/FortiManager.

To enable the coredump files for a specific daemon or PID, please use this command:

diagnose debug coredump enable <daemon-name>

Or 

diagnose debug coredump enable-pid <Process-ID>

After enabling the coredump feature on this device, the files will be generated automatically if the process or daemon terminates abnormally. There might be a waiting period before the files are generated. Monitoring can be done if any coredump files are being generated after a couple of hours by using the following command:

diag debug coredump list 

Once coredump files are ready, transferring the coredump files to the SFTP server is required as the next step:

diagnose debug coredump upload <daemon-name> sftp <SFTP-Server-IP> <username> <password> <directory>

Example:

diagnose debug coredump upload oftpd sftp 10.47.4.156 sftpuser fortinet /sftpuser/sftpfiles

Note: 

Coredump files will be uploaded to /home/sftpuser/sftpfiles.

SFTP clients like WinSCP/Filezilla/others can be used to download the coredump files from the SFTP Server: