FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
FMG_TAC_Eng_1
Article Id 208641

Description

 

Troubleshooting manual backup on a FortiManager/FortiAnalyzer.

 

Scope

 

FortiManager, FortiAnalyzer.

 

Solution

 

General troubleshooting:

 

It is important to make sure that FortiManager/FortiAnalyzer does not have file system errors:

 

diagnose debug klog

 

If in a command output, it is possible to find messages like 'EXT4-fs error'  first complete file system check with command:

 

diagnose system fsck harddisk

 

Executing this command will restart FortiManager/FortiAnalyzer.

 

A system reboot will also solve a problem with a lack of space in /tmp folder, which can happen if processes are stopped unexpectedly without a chance to clear up temporary files.

 

It is possible to check if /tmp is full with the CLI command:

 

diagnose system print df

 

Example of manually executed backup operation:

Failed backup task will return status to a user session:

 

fmg # execute backup all-settings sftp 10.109.21.14 mnt/ssh <user> <passwd>

Starting backup all settings in background, Please wait.

fmg # Starting transfer the backup file to SFTP server...

SFTP failed: Error in the SSH layer 

Failed to backup all-settings due to SFTP transaction!

Backup all settings...Failed.

 

If the error 'SFTP failed: Error in the SSH layer' is received, include the '/' from the directory to get a successful backup using <crtpassword>:

 

fmg# exe backup all-settings sftp 10.47.1.182 /home/fortinet/downloads/ <username> <password> <crtpassword>

 

The successful backup task will return the status into a session of the user that has initiated the operation:

 

fmg # execute backup all-settings sftp 10.109.21.14 mnt/ssh/fmg_1 <user> <passwd>

Starting backup all settings in background, Please wait.

Starting transfer the backup file to SFTP server...

Transferred 131.104M of 131.104M in 0:00:03s (36.157M/s)

Backup all settings...Ok.

MD5: 368cae256f967e46cdff0a83b60d4c35

 

FortiManager/FortiAnalyzer Event Log messages related to the backup process:

 

Go to System Settings -> Event Log to view the local log list. FortiManager/FortiAnalyzer logs can be filtered by operation type:

 

operation="system backup"

 

The resulting list of event messages will have basic information on successful and failed attempts, with limited details.

 

Information required for submitting tickets:

  • Communication scheme between FortiManager/FortiAnalyzer and backup server.
  • Results of executing command 'execute tac report' on FortiManager/FortiAnalyzer.Events from section 'FortiManager/FortiAnalyzer Event Log messages related to backup process'.
  • Log from 'Example of manually executed backup operation' for manual backup.

 

Related articles:

Technical Tip: How to create a log file of a session using PuTTY

Technical Tip: How to stop a long backup job on the FortiAnalyzer