Difference between revisions of "Monitoring"
From Tech-Wiki
| Line 30: | Line 30: | ||
Troubleshoot VPN, Authentication and Updates | Troubleshoot VPN, Authentication and Updates | ||
| − | diag debug application | + | diag debug application <daemon> <level> |
diag debug enable | diag debug enable | ||
Daemons that support debug: sslvpn ike authd update | Daemons that support debug: sslvpn ike authd update | ||
level: | level: | ||
| − | + | 0 disabled | |
| − | + | -1 shows all info | |
| − | + | other values: depends on daemon | |
Get network information and statistics: | Get network information and statistics: | ||
Revision as of 18:24, 23 August 2020
Viewing logs from command line
exec log filter category 0 (0:traffic 1:event 3:webfilter) exec log filter device 2 (0:memory 1:faz (fortianalyzer) 2:fds (disk)) exec log filter field dstport 443 (or dstip 10.1.1.1) exec log filter view-lines 200 exec log display
Get system information:
get sys status get sys performance status get hardware status diag hardware deviceinfo disk
Get CPU information and killing (restarting) process:
diag sys top diag sys top-summary diag sys kill 11 <pid> (or kill 15)
Get memory information and conserve mode:
diag hardware sysinfo mem diag hardware sysinfo shm 0 – no conserve mode 1 – proxy 2 – system 3 - both diag firewall iprope state Av_break=pass/pass – kernel conserve mode
Troubleshoot VPN, Authentication and Updates
diag debug application <daemon> <level> diag debug enable Daemons that support debug: sslvpn ike authd update level: 0 disabled -1 shows all info other values: depends on daemon
Get network information and statistics:
show sys interface diag hardware deviceinfo nic <port> diag netlink interface list name <port> fnsysctl ifconfig <port>
Get disk logging usage:
diag sys logdisk usage
Display IPs blocked by Anomalies:
diag ips anomaly list