Customizing&downloading debug logs
There are several ways to collect or customize debug logs.
-
Many debug logs are stored at /var/log/gui_upload and can be downloaded via GUI:
-
Enable upload/download option in CLI first, then you’ll see the section GUI File Download/Upload in System > Maintenance > Backup & Restore:
config system settings
set enable-file-upload enable
end
- Select, compress and download debug logs or core/coredump files that you need.
- You can also login the backend shell, move or copy logs files from other directories to /var/log/gui_upload, and download them here.
-
Enable upload/download option in CLI first, then you’ll see the section GUI File Download/Upload in System > Maintenance > Backup & Restore:
-
One-click to archive and download most important logs (Recommended Way)
FortiWeb GUI provides a more easier way to collect such debug logs. Most logs under /var/log/debug/ and /var/log/gui_upload will be archived after you click the “Download” button on System > Maintenance > Debug > Download section.
Before you can begin downloading the debug log, you have to enable it first via System > Config > Feature Visibility > Debug.
Please note that some logs and core/coredump files may not be included in this archive file, so you may need to download them manually with the 1st method.
-
You can run diagnose debug commands to customize logs included in the archive debug file.
For example, you can capture the flow from the client 216.232.182.247 and activate the debug flow from it as below. Then you’ll find that the following files will be included in the downloaded debug file console_log.tar.gz:
- sn.txt: SN & current build
- entire configuration file
- crash logs
- daemon logs: the debug flow trace logs is included in this file
kernel logs
netstat logs
coredump logs
perf logs
top logs
nmon logs: regular record
jeprof.out.*.*.heap: need to enable jemalloc-conf and trigger jemalloc dump first
debug_net/disk/mem/process.txt or debug_out_d_mem/net/proc/cond.sh.txt: regular record
collect_xxx: captured pcap file (diagnose CLI filtered output) and other debug information
-
other logs
FortiWeb # diagnose debug trace tcpdump filter "host 216.232.182.247 and port 443"
FortiWeb # diagnose debug flow filter client-ip "216.232.182.247"
FortiWeb # diagnose debug flow filter flow-detail 7
FortiWeb # diagnose debug trace report
FortiWeb # diagnose debug trace report start
Then wait to collect traffic…
FortiWeb # diagnose debug trace report stop
Then you can click the “Download” button on System > Maintenance > Debug > Download to download the archive file:
Note: To access this part of the web UI, your administrator’s account must have the prof_admin permission. For details, see "Permissions" in FortiWeb Administration Guide.