Fortinet black logo

Administration Guide

Debug log

Debug log

System > Maintenance > Debug enables you to download debug log and upload debug symbol file.

Before you can begin configuring debug log, you have to enable it first. By default, firewall is disabled.

To enable debug:
  1. Go to System > Config > Feature Visibility.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the System Configuration category. For details, see "Permissions" on page 1.
  2. Locate System Features.
  3. Enable Debug.
  4. Click Apply.
To customize the debug logs:
  1. Run commands similar to the following to capture the flow from the client (for example, host 10.0.8.104), and activate the debug flow required:
  2. FortiWeb # diagnose debug trace tcpdump filter "host 10.0.8.104"

    FortiWeb # diagnose debug trace tcpdump interface port1

    FortiWeb # diagnose debug flow filter client-ip 10.0.8.104

    FortiWeb # diagnose debug flow filter flow-detail 7

    FortiWeb # diagnose debug trace report start

  3. Initiate HTTP request from this client (10.0.8.104) to the virtual server.
  4. Stop collecting the information with the command below after some time:
  5. FortiWeb # diagnose debug trace report stop

  6. Download debug logs from System > Maintenance > Debug > Download .
    The following files are supported:
    • crash logs
    • daemon logs
    • kernel logs
    • netstat logs
    • coredump logs
    • perf logs
    • top logs
    • other logs
    • entire configuration file

Note: To access this part of the web UI, your administrator’s account must have the prof_admin permission. For details, see Permissions.

For details, see the FortiWeb CLI Reference:

HTTPs://docs.fortinet.com/product/fortiweb/

Debug log

System > Maintenance > Debug enables you to download debug log and upload debug symbol file.

Before you can begin configuring debug log, you have to enable it first. By default, firewall is disabled.

To enable debug:
  1. Go to System > Config > Feature Visibility.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the System Configuration category. For details, see "Permissions" on page 1.
  2. Locate System Features.
  3. Enable Debug.
  4. Click Apply.
To customize the debug logs:
  1. Run commands similar to the following to capture the flow from the client (for example, host 10.0.8.104), and activate the debug flow required:
  2. FortiWeb # diagnose debug trace tcpdump filter "host 10.0.8.104"

    FortiWeb # diagnose debug trace tcpdump interface port1

    FortiWeb # diagnose debug flow filter client-ip 10.0.8.104

    FortiWeb # diagnose debug flow filter flow-detail 7

    FortiWeb # diagnose debug trace report start

  3. Initiate HTTP request from this client (10.0.8.104) to the virtual server.
  4. Stop collecting the information with the command below after some time:
  5. FortiWeb # diagnose debug trace report stop

  6. Download debug logs from System > Maintenance > Debug > Download .
    The following files are supported:
    • crash logs
    • daemon logs
    • kernel logs
    • netstat logs
    • coredump logs
    • perf logs
    • top logs
    • other logs
    • entire configuration file

Note: To access this part of the web UI, your administrator’s account must have the prof_admin permission. For details, see Permissions.

For details, see the FortiWeb CLI Reference:

HTTPs://docs.fortinet.com/product/fortiweb/