This article describes how to generate and export a device log report to facilitate troubleshooting device integration issues. There is a dedicated tool that will help to automatically collect the needed information and generate a single file that can be easily exported and shared in TAC support tickets.
While the tool is used, it is preferred to have one or more connected hosts and some VLANs or SSIDs configured in order to get better results from the output.
FortiNAC v7.2.4 and greater.
Before proceeding further make sure that the device is modeled and 'Validate Credential' is successful both for SNMP and CLI access:
The tool is available only through CLI. After login into the CLI, enter the shell mode:
fnac # execute enter-shell
fnac:~$ grab-device-debug 10.1.2.1
Debug script grab-device-debug starting for 10.1.2.1
Getting Device Info
Getting Dump Ports
Getting Device Tree
Enabling global debug: SnmpV1 TelnetServer BridgeManager ClientInterface DeviceInterface TrapHandler
Enabling device model debug:ForwardingInterface
Starting capture of /bsc/logs/output.master
Running UpdateClients
Running ReadForwardingTbl
Running ReadArpCache
Sleeping for 15 seconds to let things run
Disabling debug and stopping logging
Capturing FNAC Version
*************************************
Creating debug file tar -cvzf with:
device-debug-10.1.2.1/
device-debug-10.1.2.1/FNACversion.txt
device-debug-10.1.2.1/10.1.2.1.arp.txt
device-debug-10.1.2.1/10.1.2.1.rfdb.txt
device-debug-10.1.2.1/10.1.2.1.output.master.txt
device-debug-10.1.2.1/10.1.2.1.tree.txt
device-debug-10.1.2.1/10.1.2.1.ports.txt
device-debug-10.1.2.1/10.1.2.1.device.txt
Debug file device-debug-10.1.2.1.tar.gz located in /tmp
Attach /tmp/device-debug-10.1.2.1.tar.gz to the TAC ticket
*************************************
Note: Depending on the type of network device and the number of connected hosts, this process may take longer.
After the file is successfully created in the 'tmp' folder it can be extracted to an external server using one of the protocols: SCP, FTP, or TFTP. In this example, TFTP is used since setting up a server is easier and usually is already deployed by the network administrators.
fnac:~$ cd /tmp
fnac:/tmp$ tftp -pr device-debug-10.1.2.1.tar.gz tftp.eb.eu
Related article:
Technical Tip: Useful CLI commands in FortiNAC-OS for troubleshooting
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.