Network diagnose fortilogd

msgrate-device Device message rate

Network Troubleshooting diagnose fortilogd msgrate-type Message rate for each log type
execute ping [host] Ping utility
execute traceroute [host] Traceroute utility
diag sniffer packet <interface>
Packet sniffer
Disk
<filter> <level> <timestamp>
Disk / RAID / Virtual Disk
config system fortiview settings

CHEATSHEET
set resolve-ip enable Resolve IP address to hostname config system locallog disk
setting What happens with oldest logs
set diskfull nolog / overwrite

Logging diagnose system raid [option]

status, hwinfo, alarms
RAID information

Log Forwarding diagnose system disk [option]

Disk information
info, health, errors, attributes
config system log-forward
edit log-aggregation <id> execute lvm info
For virtual machines: provides a list of
Forwarding logs to FortiAnalyzer /

FORTIANALYZER FOR 6.0

aggregation-client set mode available disks
<realtime, Syslog / CEF
execute lvm extend <disk nr.> For virtual machines: Add disk
aggregation, disable>
config system
Configure the FortiAnalyzer that receives
© BOLL Engineering AG, FortiAnalyzer Cheat Sheet Version 1.1 / 08.02.2019 log-forward-service
set accept-aggregation enable logs ADOM
ADOM operation
config system global ADOM settings
Log Backup
General execute backup logs
set adom-status [en/dis] Enable or disable ADOM mode

<device name | all> config system global Set ADOM mode to normal or advanced /
Default device information <ftp | sftp | scp> <server ip> Backup logs to external storage set adom-mode [normal/advanced] for VDOMs)
admin / [no password] Default login <user name> <password> config system global
<location on server> Displays ADOM window after login
192.168.1.99/24 set adom-select [en/dis]
Default IP on port1
exec restore <options> Restore commands diagnose dvm adom list Enabled and configured ADOMs
9600/8-N-1
hardware flow control disabled Default serial console settings
Currently registered and unregistered
diagnose dvm device list
devices and VDOMs
Log Encryption
execute sql-local rebuild-adom
Basic commands config log fortianalyzer setting <ADOM-name>
Rebuild ADOM database
set enc-algorithm {default* | FortiGate’s encryption level
get system status Current status of FortiAnalyzer
high | low | disable}
Displays the network interface config system global set
show system interface Authentication group
configuration enc-algorithm {high | medium | FortiAnalyzer’s encryption level config sys admin group
show system route Displays static routing table entries low*} Group authentication server
edit <new-group>
show system dns Displays DNS server address config system global set Configure FortiAnalyzer to record log file
log-checksum {md5 | md5-auth | hash value, timestamp and authentication
show system ntp Displays automatic time settings using a
network time protocol (NTP) server
none} code
Reporting
get system ntp Displays how often FortiAnalyzer Hard cache
synchronizes its time with the NTP server Logging settings on Fortigate diagnose sql status sqlreportd SQL query connections and hcache status
execute shutdown / restart Shutdown and Restart command configure log fortianalyzer
Logging commands on FortiGate diagnose sql show hcache-size Hcache size on the file system
setting / filter
diagnose test application
diagnose log test Generates several dummy log messages State of the hcache
Server information sqlrptcached <level>
diagnose test appli miglogd 6 Dumps statistics for log daemon diagnose test application
get system performance FortiAnalyzer performance statistics Diagnose hcache creation
diagnose log kernel-stats Sent and failed log statistics sqlreportd 2
diagnose system print [option]
execute log fortianalyzer execute sql-report hcache-build
certificate, cpuinfo, df, hosts Test connection to FortiAnalyzer
test-connectivity <ADOM-name> <schedule-name> Rebuild hcache
interface, loadavg, partitions, View different server information
<start-time> <end-time>
route, rtcache, slabinfo,
sockets, uptime, netstat execute sql-report list-schedule
<ADOM-name> View report grouping information
Hardware statistics for CPU, memory, disk Logging Troubleshooting
diagnose hardware info
and RAID diagnose test application
oftpd 8 Daemon for receiving logs
Database
diagnose test application
Log file-related actitivites diagnose sql process list Current SQL processes running
Reset Information logfiled 2
diagnose log device diagnose sql status sqlplugind SQL insertion status
execute reset all-settings Erases the show configuration on flash, Used disk space per ADOM
containing IP and routes
diagnose system print df Logs and all system files on mounted drive
execute reset all-except-ip Erases the configuration on flash, leaves the
diagnose fortilogd lograte Log receive rate per second
settings for IP and routes
diagnose fortilogd msgrate Message receive rate per second
execute format disk Formats Log disk
diagnose fortilogd msgrate-total Message receive rate totals Report errors, suggestions or comments to [email protected]