Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ppatel
Staff
Staff

Created on ‎03-31-2022 02:54 AM Edited on ‎06-28-2022 05:56 AM By Community Manager

Article Id 208018

Troubleshooting Tip: IPS engine new debug commands

Description

This article describes how to run IPS engine debug in 6.4 and later firmware’s.
Scope

FortiGate v6.4.

FortiGate v7.0.
Solution

The old '# diag debug application ipsmonitor -1command is now obsolete and does not show very useful data.

 

Do not use it unless specifically requested.

 

Here is how to debug IPSengine in 6.4 or later:

 

# diag ips debug enable ?
    init              init
    packet            packet
    packet_detail     packet_detail
    ************      *****
    all               all

 

Select the appropriate categories to filter the outputs, or select 'All'

example:

 

      # diagnose ips debug enable ssl

   # diagnose ips debug enable dissector
   # diagnose debug enable

In case of production environment, run this debug only during low traffic hours, especially if 'ALL' is used, due to CPU usage impact.

 

To set the source filter on IPS for diagnosing 1 particular source ip so that the logs generated are less, run below commands:

 

# diag ips filter set 'src 192.168.2.1'

 

Verify the source as it is important step to verify it so it shows logs are filtered as per below command:

 

# diag ips filter status
DEBUG FILTER:
debug level: 0
filter: "src 192.168.2.1"
process id: 0
Labels:
8851
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.