Created on
09-28-2018
05:40 AM
Edited on
05-11-2023
06:29 AM
By
Jean-Philippe_P
Description
This article describes the grab-log-snapshot report as one utility that collects a snapshot of a system's logfiles, stacktrace and memory information plus other information needed in order to diagnose a problem.
This utility is very useful when problem descriptions similar to the following are reported to Support:
- The appliance is hung for some reason.
- See something about an OutOfMemory problem on the appliance.
- Perceived slow performance of the appliance/VM
- 'Processes are down' message on the GUI instead of the login.
Important:
- The utility has to be run prior to a reboot of the appliance. In some instances, a reboot can destroy evidence of a problem.
- If Control Server/Application Server or High Availability pair, the script has to be run on each appliance.
Scope
Version: 8.x and greater.
Solution
This will generate and download a snapshot of the logs directly from the browser. The status is shown at the bottom right of the screen.
CLI Instructions for older versions:
1) Log into the CLI of the appliance as root.
2) Execute the script:
grab-log-snapshot
The script will collect and zip a large number of files.
This will take several minutes.
The resulting zip file (log-snapshot-<hostname>-<timestamp>.tar.gz) is located in /tmp directory.
Example.
grab-log-snapshot
This program grabs a snapshot of the system logfiles.
It takes several minutes to run.
Gathering logfiles...
Gathering system info....
Grabbing stacktraces....
Grabbing memory info....
Grabbing scheduler info....
Grabbing cluster network info....
Grabbing license info...
Packaging logfiles (takes a little while)...
All done.
Prelink messages that state that 'at least one of file's dependencies has changed since prelinking' can be ignored.
Logs are here: /tmp/log-snapshot-fortinac.forti.lab-20230428160858.tar.gz
Give this file to Support.
If a CPU performance or a memory-usage are experienced the problem, arrange with Support to run the collect-linux-debug-info script.
3) Retrieve the grab-log-snapshot file(s) to submit to Support. This can be done using WinSCP or a similar application (specify SCP protocol) to download the files from the appliance.
If the file(s) are too big, contact Support for assistance.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.