Created on 11-27-2023 06:01 AM Edited on 12-09-2024 05:15 AM By Jean-Philippe_P
This article describes how to collect Agent debug logs in end hosts for troubleshooting purposes.
FortiNAC.
The following log files are created on the host computer upon installation of the Persistent Agent. For the currently supported Agent version (v5.x, v9.x) the logs file can be found in this path:
On Windows hosts:
%ProgramData%\Bradford Networks
That is usually this absolute path:
C:\ProgramData\Bradford Networks\
The files are:
C:\ProgramData\Bradford Networks>dir
Volume in drive C has no label.
Volume Serial Number is
Directory of C:\ProgramData\Bradford Networks
12/01/2022 03:35 PM <DIR> .
12/01/2022 03:35 PM <DIR> ..
11/27/2023 01:17 PM 7,736 bndaemon_log.txt
11/27/2023 01:17 PM 216,870 general.txt
11/27/2023 12:21 AM 0 stdout.txt
The agent logs can also be checked in real-time with the PowerShell tool similar to the output of the 'tail -f' command as follows:
PS > Get-Content "C:\ProgramData\Bradford Networks\general.txt" -Wait -tail 1
2024-12-07 16:27:46 UTC :: Detected Server Version: 0
2024-12-07 16:28:06 UTC :: Debug: DelimVersion.. Requested: 6.1 System: 6.3 Delim: .
2024-12-07 16:28:06 UTC :: Debug: DelimVersion.. Returning: false
On MacOS hosts (Agent version 10.x):
/var/log/bndaemon.error.log
/var/log/syslog
On Linux hosts:
/var/log/bndaemon
/var/log/secure
/var/log/messages
In the case of the Dissolvable Agent no logs are saved by default in the end host, a command needs to be run in FortiNAC CLI to enable the agent to generate the logs in the end host:
> agenttool debug -enableDA
Enabled Extra DA Policy Debug
In the case of FortiNAC-F, it is necessary to enter the shell first:
fortinac # execute enter-shell
fortinac:~$ agenttool debug -enableDA
Enabled Extra DA Policy Debug
While this debug command is enabled in FortiNAC, when the Dissolvable agent is downloaded and run on the end host it will create a helpful log file that can be found and extracted in this path:
%temp%\csalog.txt
When these logs are not needed anymore the debug command can be disabled from the FortiNAC CLI:
> agenttool debug -disableDA
Attach these files to the case. Upon submission, add a case comment with the details regarding the symptoms experienced, including any error messages, the steps taken that resulted in the symptom, and the timestamp of network changes or notifications.
Related articles:
Technical Note: Enable Windows Dissolvable Agent debug logging
Troubleshooting Tip: Windows Persistent Agent logs
Technical Note: macOS Persistent Agent logs
Related document:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.