|
Assuming the log is enabled, follow the below KB article:
Technical Tip: How to enable traffic logs for version 7.0 and later
Problem Summary:
An issue was reported where FortiWeb does not record any kind of log.
Troubleshooting:
In order to further verify the issue collect and attach the below-requested logs, and upload them to the Ticket:
diag debug crash logs show
get system status
fnsysctl ps
get system status
diag hardware logdisk info
diag system mount list
diag hardware harddisk list
diag debug application logd 7
diag debug enable
or Workaround:
Run command 'diag sys top'<----- Ctrl+C to stop it from running.
Note down process ID for logd process.
Then run the command:
diag sys kill 9 <process id of logd>
If this step does not solve the issue, rebuild the Database.
Run the below CLI command for database rebuild:
execute db rebuild
This operation will clean and rebuild the database for disklog.
The proposed workaround involved rebuilding the log database to possibly resolve the issue:
- It is recommended to run this command during low peak hours. This is because the process recreates the log database.
Note:
Users facing similar log delay issues should consider rebuilding the log database but should be aware of the potential high disk IO usage during the process and thus choose off-peak hours for the operation.
If the Fortiweb has HA configuration, note in HA mode, running 'execute db rebuild' on the master appliance will take effect on all slaves simultaneously.
|
