|
On the FortiGate:
get system status
get system performance status
di sys session stat
get system ha
diag debug console timestamp enable
diag endpoint filter show-large-data yes
diag debug app fcnacd -1
diagnose debug duration 120
diag debug enable
diagnose firewall dynamic list
diag test app fcnacd 2
diag test app fcnacd 7
diag endpoint record list
diag test app wad 2200
diag test app wad 194
diag test app wad 101
diag wad debug enable category all
diag endpoint ztna-shm list
diag debug disable
di de crashlog read
From FortiOS version 7.6.0, TAG will be reflected in forward traffic logs. Refer to the below document for more information:
Include EMS tag information in traffic logs
- FortiClient UIDs (from the About page).
- FortiClient Diagnostic logs (for that specific client which should have enough logs for 1-2 days - based on file size).
On the EMS:
Collect these logs preferably when debug mode is enabled on EMS but that times-out in 30 minutes so it is not always easy to catch:
C:\Program Files (x86)\Fortinet\FortiClientEMS\logs
C:\Program Files (x86)\Fortinet\FortiClientEMS\Fcm\logs
|
