Difference between revisions of "Monitoring"

From Tech-Wiki
 
(20 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
[[Category:Fortinet]]
 
[[Category:Fortinet]]
 +
 +
Viewing logs from command line
 +
exec log filter category 0 (0:traffic 1:event 3:webfilter)
 +
exec log filter device 2 (0:memory 1:faz (fortianalyzer) 2:fds (disk))
 +
exec log filter field dstport 443  (or dstip 10.1.1.1)
 +
exec log filter view-lines 200
 +
exec log display
  
 
Get system information:
 
Get system information:
  Get sys status
+
  get sys status
  Get sys performance status
+
  get sys performance status
  Get hardware status
+
  get hardware status
 
  diag hardware deviceinfo disk
 
  diag hardware deviceinfo disk
 +
diag sys session stat
  
 
Get CPU information and killing (restarting) process:
 
Get CPU information and killing (restarting) process:
  diag sys top
+
  diag sys performance top
  diag sys top-summary
+
  diag sys perf top-summary
  diag sys kill 11 <pid> (or kill 15)
+
  diag sys kill <signal> <pid>
 +
  9 unconditional kill
 +
  11 segmentation fault kill*
 +
  15 graceful kill
 +
 
 +
Killing process by name
 +
fnsysctl killall reportd
  
 
Get memory information and conserve mode:
 
Get memory information and conserve mode:
 +
diag hardware sysinfo conserve
 
  diag hardware sysinfo mem
 
  diag hardware sysinfo mem
 
  diag hardware sysinfo shm
 
  diag hardware sysinfo shm
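Review bot: In the new signal list under `diag sys kill <signal> <pid>`, the entry `11 segmentation fault kill*` carries an asterisk that nothing in this revision explains. Add the footnote it refers to or drop the marker, and state which of 9, 11 and 15 to try first, since the replaced line `diag sys kill 11 <pid> (or kill 15)` at least implied an order.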
Line 21: Line 36:
 
  diag firewall iprope state
 
  diag firewall iprope state
 
     Av_break=pass/pass – kernel conserve mode
 
     Av_break=pass/pass – kernel conserve mode
 +
 +
Troubleshoot VPN, Authentication and Updates
 +
diag debug application <daemon> <level>
 +
diag debug enable
 +
Daemons that support debug: sslvpn ike authd update
 +
level:
 +
  0 disabled
 +
  -1 shows all info
 +
  other values: depends on daemon
  
 
Get network information and statistics:
 
Get network information and statistics:
 
  show sys interface
 
  show sys interface
 
  diag hardware deviceinfo nic <port>
 
  diag hardware deviceinfo nic <port>
 +
diag netlink interface list name <port>
 +
fnsysctl ifconfig <port>
  
Get disk logging statistics:
+
Get disk logging usage:
 
   diag sys logdisk usage
 
   diag sys logdisk usage
 +
 +
Display WebFilter statistics:
 +
diag webfilter fortiguard statistics list
  
 
Display IPs blocked by Anomalies:
 
Display IPs blocked by Anomalies:
 
   diag ips anomaly list
 
   diag ips anomaly list
 +
 +
You can test blocked pages using [https://fortiguard.com/webfilter/categories this site].
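Review bot: The added debug block (`diag debug application <daemon> <level>`, `diag debug enable`) documents how to start debug output but not how to stop it. Level `0 disabled` is listed, yet there is no closing step, so add `diag debug disable` and `diag debug reset` after the level table so that debugging is not left running once troubleshooting is finished.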

Latest revision as of 19:15, 2 December 2020


Viewing logs from command line

exec log filter category 0 (0:traffic 1:event 3:webfilter)
exec log filter device 2 (0:memory 1:faz (fortianalyzer) 2:fds (disk))
exec log filter field dstport 443  (or dstip 10.1.1.1)
exec log filter view-lines 200
exec log display
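
An added example (not part of the wiki page): once the output of `exec log display` has been saved to a file, the same field filter can be applied offline. The sample lines are constructed, the key=value layout with double-quoted strings is an assumption about the output format, and `parse_line` and `log_filter` are hypothetical helper names.

```python
import re

# Constructed sample lines in the key=value style assumed for `exec log display`
# output (field names and values are illustrative, not taken from the page).
SAMPLE = '''\
1: date=2020-12-02 time=19:01:10 type="traffic" subtype="forward" srcip=10.1.1.50 srcport=51514 dstip=10.1.1.1 dstport=443 action="accept" service="HTTPS"
2: date=2020-12-02 time=19:01:12 type="traffic" subtype="forward" srcip=10.1.1.51 srcport=40022 dstip=192.0.2.10 dstport=80 action="deny" service="HTTP"
3: date=2020-12-02 time=19:01:15 type="traffic" subtype="local" srcip=10.1.1.52 srcport=53311 dstip=192.0.2.20 dstport=443 action="close" msg="session closed, bytes=1200"
'''

# key=value, where the value is either a double-quoted string or a bare token.
PAIR = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_line(line):
    """Turn one log line into a dict of fields.

    Quoted values are matched as a whole, so spaces or '=' inside a quoted
    message do not produce bogus extra fields.
    """
    fields = {}
    for key, value in PAIR.findall(line):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


def log_filter(text, view_lines=200, **wanted):
    """Return up to view_lines records in which every wanted field matches."""
    matches = []
    for line in text.splitlines():
        record = parse_line(line)
        if record and all(record.get(k) == str(v) for k, v in wanted.items()):
            matches.append(record)
            if len(matches) >= view_lines:
                break
    return matches


if __name__ == "__main__":
    # Same selection as "exec log filter field dstport 443" on the device.
    for rec in log_filter(SAMPLE, dstport=443):
        print(rec["time"], rec["srcip"], "->", rec["dstip"], rec["action"])
```
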

Get system information:

get sys status
get sys performance status
get hardware status
diag hardware deviceinfo disk
diag sys session stat

Get CPU information and kill (restart) a process:

diag sys performance top
diag sys perf top-summary
diag sys kill <signal> <pid>
   9 unconditional kill
  11 segmentation fault kill*
  15 graceful kill

Kill a process by name:

fnsysctl killall reportd

Get memory information and conserve mode:

diag hardware sysinfo conserve
diag hardware sysinfo mem
diag hardware sysinfo shm
   0 – no conserve mode
   1 – proxy
   2 – system
   3 – both
diag firewall iprope state
   Av_break=pass/pass – kernel conserve mode

Troubleshoot VPN, Authentication and Updates

diag debug application <daemon> <level>
diag debug enable 
Daemons that support debug: sslvpn ike authd update
level: 
  0 disabled
  -1 shows all info
  other values: depends on daemon

Get network information and statistics:

show sys interface
diag hardware deviceinfo nic <port>
diag netlink interface list name <port>
fnsysctl ifconfig <port>

Get disk logging usage:

diag sys logdisk usage

Display WebFilter statistics:

diag webfilter fortiguard statistics list

Display IPs blocked by Anomalies:

diag ips anomaly list

You can test blocked pages using this site: https://fortiguard.com/webfilter/categories