Hi,
On one of my 200E firewalls, after some time, logging to memory does not show anything but after restarting the device it comes up and working. Any way to troubleshoot and solve the problem?
Regards,
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hey mhdganji,
what firmware version is the affected FortiGate?
As for restarting logging without restarting the whole device, this can usually be achieved by restarting the miglogd service:
#fnsysctl killall miglogd
If you are looking to troubleshoot the logging issue, you can also dig into the miglogd debug itself:
#dia de app miglogd -1
#dia de en
When FortiGate is enabled with memory logging, default specific amount of memory space will be allocated for memory logging. Memory logging is not suggested in Lower/middle end firewall,you can configure either Disk or external logging like Fortianalyzer for logging.
Hi,
memory logging is not suggested in Lower end firewall, for troubleshooting any specific issue or for monitoring the traffic logs locally, it is possible to enable the memory logging and disable it later.
Hi Waqas,
Yes, you can enable the logging for temporarily but it will not store the logs, it will display only the most recent logs entries only.
Hi,
I just need it to do some fast troubleshooting but anyway I need it. Is there any daemon or service to bring it back alive without restarting the device? And my main question still on the table: why it happens just to this device among many ones?
regards
Hey mhdganji,
what firmware version is the affected FortiGate?
As for restarting logging without restarting the whole device, this can usually be achieved by restarting the miglogd service:
#fnsysctl killall miglogd
If you are looking to troubleshoot the logging issue, you can also dig into the miglogd debug itself:
#dia de app miglogd -1
#dia de en
"fnsysctl killall miglogd" did the trick. The command is not predicted while typing and I was looking for it more than 30 minutes :)
The O.S. is 6.4.5. Maybe I should update it to resolve the problem.
Happy I was able to help at least a bit :).
As for your FortiGate in 6.4.5 version - there was an older bug in 6.0 versions where logging would randomly stop after a few days, but 6.4.5 is not affected by this. I did have a poke through our bug database, but couldn't find anything logging-related that matches what you described so far, so I'm not sure what's going on.
I would suggest you open a ticket with FortiGate Technical Support for further investigation.
Hi,
Even after updating to 7.0.6 the problem still is there.
After fnsysctl killall miglogd the logs are displayed for a while but again they vanish.
This is the log of miglogd. Any hint from this log to find out the problem?
Hey mhdganji,
the output looks fine to me - a technical ticket is probably the best way to go here, to really dig into debug and figure out what may be happening.
Sorry to hear the issue is not resolved.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.