Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-28-2018 05:40 AM Edited on ‎02-02-2024 06:34 AM By Moderator

Article Id 190755

Technical Tip: How to get a debug log report from FortiNAC

Description


This article describes the grab-log-snapshot report as one utility that collects a snapshot of a system's logfiles, stacktrace and memory information plus other information needed in order to diagnose a problem.  

 

Logs should be collected during any of the following scenarios:

 

  • Reproducing a problem (additional debug may need to be enabled. Use the commands provided by Support or in the applicable integration reference manual in the Document Library).
  • The appliance is hung for some reason.
  • Something about an 'OutOfMemory' issue is seen on the appliance.
  • Slow performance of the appliance/VM is noticed.
  • The 'processes are down' message appears on the GUI instead of the login.


Important: 

  • The utility has to be run prior to a reboot of the appliance. In some instances, a reboot can destroy evidence of a problem.
  • If a Control Server/Application Server or a High Availability pair is in use, the script has to be run on each appliance.


Scope

 

Version: FortiNAC legacy 8.x and greater.

Version: FortiNAC-OS 7.2.x and greater.

 

Solution

 

GUI Instructions (available in versions 9.4, 7.2, and greater):
 
download logs 2.PNG

 

This will generate and download a snapshot of the logs directly from the browser. The status is shown at the bottom right of the screen.


In HA environment when Primary is in control, there is a possibility to generate secondary node grab-log-snapshot from GUI.

Click on ? Question Mark icon, then into the "Gear" (settings) icon:

 

image (6).png

 

Download logs - Advanced option to download primary or/and secondary node grab-log-snapshot will appear:

Download Logs.png

 

Click on the image to view it in greater detail.

 

 

CLI Instructions (CentOS appliance):

 

  1. Log into the CLI of the appliance as root.
  2. Execute the script:


grab-log-snapshot


The script will collect and zip a large number of files.

This will take several minutes.

The resulting zip file (log-snapshot-<hostname>-<timestamp>.tar.gz) is located in the /tmp directory.

For example:

 

grab-log-snapshot


This program grabs a snapshot of the system logfiles.
It takes several minutes to run.

Gathering logfiles...
Gathering system info....
Grabbing stacktraces....
Grabbing memory info....
Grabbing scheduler info....
Grabbing cluster network info....
Grabbing license info...
Packaging logfiles (takes a little while)...

All done.


Prelink messages that state that 'at least one of file's dependencies has changed since prelinking' can be ignored.

Logs are here: /tmp/log-snapshot-fortinac.forti.lab-20230428160858.tar.gz
Give this file to Support.

If a CPU performance or a memory-usage are experienced the problem, arrange with Support to run the collect-linux-debug-info script.

 

  1. Retrieve the grab-log-snapshot file(s) to submit to Support. This can be done using WinSCP or a similar application (specify SCP protocol) to download the files from the appliance.
  2. Submit to Support. Open a support ticket and upload the files. Note: A comment must be added in order for the file to be saved.

 

If the file(s) are too big, contact Support for assistance.

Labels:
10528
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.