Help
FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
ebilcari
Staff
Staff

Created on ‎11-27-2023 06:01 AM

Article Id 286277

Troubleshooting Tip: Agent logs on end hosts

Description

 

This article describes how to collect Agent debug logs in end hosts for troubleshooting purposes.

 

Scope

 

FortiNAC.

 

Solution

 

The following log files are created on the host computer upon installation of the Persistent Agent. For the currently supported Agent version (v5.x, v9.x) the logs file can be found in this path:

 

On Windows hosts:

 

%ProgramData%\Bradford Networks

 

That is usually this absolute path:

 

C:\ProgramData\Bradford Networks\

 

The files are:

 

C:\ProgramData\Bradford Networks>dir
Volume in drive C has no label.
Volume Serial Number is

Directory of C:\ProgramData\Bradford Networks

12/01/2022 03:35 PM <DIR> .
12/01/2022 03:35 PM <DIR> ..
11/27/2023 01:17 PM 7,736 bndaemon_log.txt
11/27/2023 01:17 PM 216,870 general.txt
11/27/2023 12:21 AM 0 stdout.txt

 

On MacOS hosts (Agent version 10.x):

 

/var/log/bndaemon.error.log

/var/log/syslog

 

On Linux hosts:

 

/var/log/bndaemon

/var/log/secure

/var/log/messages


In the case of the Dissolvable Agent no logs are saved by default in the end host, a command needs to be run in FortiNAC CLI to enable the agent to generate the logs in the end host:

 

> agenttool debug -enableDA

Enabled Extra DA Policy Debug

 

In the case of  FortiNAC-F we need to enter shell first:

 

fortinac # execute enter-shell
fortinac:~$ agenttool debug -enableDA
Enabled Extra DA Policy Debug

 

While this debug command is enabled in FortiNAC, when the Dissolvable agent is downloaded and run on the end host it will create a helpful log file that can be found and extracted in this path:

 

 %temp%\csalog.txt 

 

When this logs are not needed anymore the debug command can be disabled from the FortiNAC CLI:

 

> agenttool debug -disableDA

 

Attach these files to the case. Upon submission, add a case comment with the details regarding the symptoms experienced, including any error messages, the steps taken that resulted in the symptom, and the timestamp of network changes or notifications.

 

Related articles:

Technical Note: Enable Windows Dissolvable Agent debug logging

Troubleshooting Tip: Windows Persistent Agent logs

Technical Note: macOS Persistent Agent logs

 

Related document:

Persistent Agent Deployment and Configuration

559
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.