Connected
FAZVM64 # dia debug enable
FAZVM64 # dia debug application sqlplugind 8
FAZVM64 # exe sql-report run root 10012
ADOM is disabled, use defalut ADOM root.
layout_num:1
start [0] get layout-id:10012.
start report_process, layout-id:10012, layout title:User Detailed Browsing Log.
device list:All_FortiGates.
reports num:1.
device list[0].FG100D3G13810087[root].
device list[1].FG100C3G11602284[root].
> running (S-10012_t10012-User Detailed Browsing Log-2014-11-06-1350) ...
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '5' is accepted.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:1).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1363: subtype: 0
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select ((case when itime_start >= 1415250000 and itime_end <= 1415299815 then 1 else 0 end) || '|' || tbl_name) as table_list from table_ref where (tbl_name like 'FGTADOM3-tlog-%') and (itime_end >= 1415250000 and itime_start <= 1415299815) order by itime_end desc
[1415299815] INFO: sqlplugind(379):sqlreport_main.c:1556: There are 2 tables selected.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0007 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=65, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
(4242d950) processing chart: User Details...
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '5' is accepted.
(41c2c950) processing chart: Detailed Web Browsing Log...
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '6' is accepted.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:1).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1363: subtype: 0
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select ((case when itime_start >= 1415250000 and itime_end <= 1415299815 then 1 else 0 end) || '|' || tbl_name) as table_list from table_ref where (tbl_name like 'FGTADOM3-tlog-%') and (itime_end >= 1415250000 and itime_start <= 1415299815) order by itime_end desc
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:2).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: create table hcache."HCACHE_16" with (autovacuum_enabled=false, toast.autovacuum_enabled=false) as select "user", srcip, coalesce(nullifna("srcname"),nullifna("srcmac")) as host_dev, srcintf, devid, count(*) as events from "FGTADOM3-tlog-1415271960" where (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) group by "user", srcip, host_dev, srcintf, devid order by events desc limit 12001
[1415299815] INFO: sqlplugind(379):sqlreport_main.c:1556: There are 2 tables selected.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0026 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=65, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '9' is accepted.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:2).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: create table hcache."HCACHE_17" with (autovacuum_enabled=false, toast.autovacuum_enabled=false) as select dtime, catdesc, hostname, action, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from "FGTADOM3-tlog-1415271960" where (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) and hostname is not null and logid_to_int(logid) not in (4, 7, 14) and utmevent in ('webfilter', 'banned-word', 'web-content', 'command-block', 'script-filter') group by dtime, catdesc, hostname, action order by dtime desc limit 12001
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.2686 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=10, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '6' is accepted.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:0).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select * from (select dtime, catdesc, hostname, action, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from "FGTADOM3-tlog-1415271960" where (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) and hostname is not null and logid_to_int(logid) not in (4, 7, 14) and utmevent in ('webfilter', 'banned-word', 'web-content', 'command-block', 'script-filter') group by dtime, catdesc, hostname, action order by dtime desc) t limit 0
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0026 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=40, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:1).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1363: subtype: 0
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select ((case when itime_start >= 1415250000 and itime_end <= 1415299815 then 1 else 0 end) || '|' || tbl_name) as table_list from table_ref where (tbl_name like 'FGTADOM3-wlog-%') and (itime_end >= 1415250000 and itime_start <= 1415299815) order by itime_end desc
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0003 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=38, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '9' is accepted.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:0).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select * from (select dtime, catdesc, hostname, action, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from "FGTADOM3-wlog-1415217600" where itime >= 1415250000 and itime <= 1415299815 and (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) and hostname is not null and (eventtype is null or logver=52) group by dtime, catdesc, hostname, action order by dtime desc) t limit 0
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0033 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=40, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:0).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select "timestamp", "catdesc", "website", "status", "bandwidth" from (select from_dtime(dtime) as timestamp, catdesc, hostname as website, action as status, sum(bandwidth) as bandwidth from (((select dtime, catdesc, hostname, action, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from "FGTADOM3-tlog-1415203200" where itime >= 1415250000 and itime <= 1415299815 and (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) and hostname is not null and logid_to_int(logid) not in (4, 7, 14) and utmevent in ('webfilter', 'banned-word', 'web-content', 'command-block', 'script-filter') group by dtime, catdesc, hostname, action order by dtime desc)) union all ((select dtime, catdesc, hostname, action, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from "FGTADOM3-wlog-1415217600" where itime >= 1415250000 and itime <= 1415299815 and (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) and hostname is not null and (eventtype is null or logver=52) group by dtime, catdesc, hostname, action order by dtime desc))) t group by dtime, catdesc, website, status order by dtime desc) t
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.3411 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=10, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '6' is accepted.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:0).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select * from (select "user", srcip, coalesce(nullifna("srcname"),nullifna("srcmac")) as host_dev, srcintf, devid, count(*) as events from "FGTADOM3-tlog-1415271960" where (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) group by "user", srcip, host_dev, srcintf, devid order by events desc) t limit 0
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0006 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=41, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:0).
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select "user_detail" from (select 'User: ' || string_agg(distinct coalesce(nullifna("user"), 'Unknown'), '/') || '
' || 'Source IP: ' || string_agg(distinct coalesce(ipstr(srcip), 'Unknown'), '/') || '
' || 'Hostname (MAC): ' || string_agg(distinct coalesce(host_dev, 'Unknown'), '/') || '
' || 'Source Interface: ' || string_agg(distinct coalesce(nullifna(srcintf), 'Unknown'), '/') || '
' || 'Devices: ' || string_agg(distinct coalesce(devid, 'Unknown'), '/') as user_detail from ((select "user", srcip, coalesce(nullifna("srcname"),nullifna("srcmac")) as host_dev, srcintf, devid, count(*) as events from "FGTADOM3-tlog-1415203200" where itime >= 1415250000 and itime <= 1415299815 and (coalesce(nullifna("user"), ipstr(srcip)) IN ('all')) group by "user", srcip, host_dev, srcintf, devid order by events desc)) t) t limit 1
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.2500 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=0, ds_size=13, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
User Details Success.
(4242d950) Done, 0.638 sec used.
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.5079 seconds to process sql request. (from=0)
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=1, ds_size=0, errmsg=(null))
[1415299815] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
Detailed Web Browsing Log No data.
(41c2c950) Done, 0.806 sec used.
report took: 1.007 secs
> rendering (S-10012_t10012-User Detailed Browsing Log-2014-11-06-1350) (en) ...
[1415299816] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '5' is accepted.
sql_rpt_render_dir : start
chart name:User Details, sub_style:0, sty_attr:1.
chart name:User Details. column_graph_type:0 col_span:0
0302 HTML Report (dbgmsg off)
(l) (d) /Storage/Reports/ADOMs/root/2014_11_06/S-10012_t10012-User Detailed Browsing Log-2014-11-06-1350 (r)
Generate PDF report at /Storage/Reports/ADOMs/root/2014_11_06/S-10012_t10012-User Detailed Browsing Log-2014-11-06-1350
Debug: false
Copy resources files ..
Process template files ..
body_footer.html
body_header.html
cover_footer.html
cover_header.html
cover_page.html
toc.xsl
Generate PDF report...
wkhtmltopdf --dpi 76 -L 0 -R 0 -T 25 -B 15 -s Letter cover_page.html --header-html cover_header.html --footer-html cover_footer.html --exclude-from-outline --page-offset -1 --load-error-handling ignore toc --footer-html body_footer.html --footer-spacing 5 --xsl-style-sheet toc.xsl report_body.html --header-html body_header.html --header-spacing 2 --footer-html body_footer.html --footer-spacing 2 ./FortiAnalyzer_Report.pdf
[1415299817] DEBUG: sqlplugind(379):sqlreport_main.c:1965: Client '5' is accepted.
[1415299817] DEBUG: sqlplugind(379):sqlreport_main.c:1301: Received request (from:0, type:0).
[1415299817] DEBUG: sqlplugind(379):sqlreport_main.c:1522: Execute SQL query: select 0 as src, tbl_name, flags from vacuum_tablst order by timestamp desc limit 1
[1415299817] DEBUG: sqlplugind(379):sqlreport_main.c:1599: Used 0.0003 seconds to process sql request. (from=0)
[1415299817] DEBUG: sqlplugind(379):sqlreport_main.c:1649: Prepare to send the result to client. (retcode=1, ds_size=0, errmsg=(null))
[1415299817] DEBUG: sqlplugind(379):sqlreport_main.c:1655: Send response to client successfully.
Fontconfig error: Cannot load default config file
Loading pages (1/6)
Counting pages (2/6)
Loading TOC (3/6)
Resolving links (4/6)
Loading headers and footers (5/6)
Printing pages (6/6)
Page 5 of 5
Done
Generate HTML report...
Cleanup ..
rm -f ./body_footer.html
rm -f ./body_header.html
rm -f ./cover_footer.html
rm -f ./cover_header.html
rm -f ./cover_page.html
rm -f ./toc.xsl
rm -f ./report_body.html
rm -f ./report_toc.html
rm -f ./replace.sed
done.
Report [S-10012_t10012-User Detailed Browsing Log-2014-11-06-1350] finished at Thu (4) 2014-11-06 13:50:18.