debug
Use the following commands to debug the FortiManager.
debug application
Use this command to view or set the debug levels for the FortiManager applications. All of the debug levels are 0 by default.
Syntax
diagnose debug application alertmail <integer>
diagnose debug application apiproxyd <integer>
diagnose debug application archd <integer>
diagnose debug application auth <integer>
diagnose debug application clusterd <integer>
diagnose debug application connector <integer>
diagnose debug application csfd <integer>
diagnose debug application curl <integer>
diagnose debug application ddmd <integer> <deviceName>
diagnose debug application depmanager <integer>
diagnose debug application dhcpcd <integer>
diagnose debug application dmapi <integer>
diagnose debug application dmssh <integer>
diagnose debug application dns <integer>
diagnose debug application docker <integer>
diagnose debug application dump
diagnose debug application execmd <integer>
diagnose debug application fabricsyncd <integer>
diagnose debug application fazalertd <integer>
diagnose debug application fazcfgd <integer>
diagnose debug application fazincid <integer>
diagnose debug application fazmaild <integer>
diagnose debug application faznotify <integer>
diagnose debug application fazsvcd <integer> <reg exp filter>
diagnose debug application fazwatchd <integer>
diagnose debug application fdssvrd <integer>
diagnose debug application fgdlinkd <integer>
diagnose debug application fgdsvr <integer>
diagnose debug application fgdupd <integer>
diagnose debug application fgfmsd <integer> <deviceName>
diagnose debug application filefwd <integer>
diagnose debug application fileparsed <integer>
diagnose debug application fortilogd <integer>
diagnose debug application FortiManagerws <integer>
diagnose debug application fortimeter <integer>
diagnose debug application fsvrd <integer>
diagnose debug application gui <integer>
diagnose debug application ha <integer>
diagnose debug application ipsec <integer>
diagnose debug application keepalived <integer>
diagnose debug application lldp <integer>
diagnose debug application localmod <integer>
diagnose debug application logd <integer>
diagnose debug application log-fetchd <integer>
diagnose debug application logfiled <integer>
diagnose debug application logfwd <integer>
diagnose debug application lrm <integer>
diagnose debug application oftpd <integer> <IP/deviceSerial/deviceName>
diagnose debug application ptmgr <integer>
diagnose debug application ptsessionmgr <integer>
diagnose debug application rptchkd <integer>
diagnose debug application rptsched <integer>
diagnose debug application rtmmond <integer>
diagnose debug application run-sql-rpt <integer>
diagnose debug application scansched <integer>
diagnose debug application scheduled <integer>
diagnose debug application sdnproxy <integer>
diagnose debug application securityconsole <integer>
diagnose debug application siemagentd <integer>
diagnose debug application siemdbd <integer>
diagnose debug application sniffer <integer>
diagnose debug application snmpd <integer>
diagnose debug application sql-integration <integer>
diagnose debug application sqllogd <integer>
diagnose debug application sqlplugind <integer> <filter>
diagnose debug application sqlreportd <integer> <filter>
diagnose debug application sqlrptcached <integer>
diagnose debug application srchd <integer>
diagnose debug application ssh <integer>
diagnose debug application sshd <integer>
diagnose debug application storaged <integer>
diagnose debug application syncsched <integer>
diagnose debug application uploadd <integer>
diagnose debug application vmd <integer>
Variable |
Description |
---|---|
alertmail <integer> |
Set the debug level of the alert email daemon. |
apiproxyd <integer> |
Set the debug level of the API proxy daemon. |
archd <integer> |
Set the debug level of the archd daemon (0 - 8). |
auth <integer> |
Set the debug level of the Fortinet authentication module. |
clusterd <integer> |
Set the debug level of the clusterd daemon. |
connector <integer> |
Set the debug level of the connector daemon. |
csfd <integer> |
Set the debug level of the Security Fabric daemon. |
curl <integer> |
Set the debug level of the curl daemon. Use this CLI command to enable debug for monitoring progress when performing a backup/restore of a large database via FTP. |
ddmd <integer> <deviceName> |
Set the debug level of the dynamic data monitor. Enter a device name to only show messages related to that device. Note: Enter |
depmanager <integer> |
Set the debug level of the deployment manager. |
dhcpcd <integer> |
Set the debug level of the dhcpcd daemon. |
dmworker <integer> |
Set the debug level of the deployment manager worker. |
dmapi <integer> |
Set the debug level of the dmapi daemon. |
dmssh <integer> |
Set the debug level of the deployment manager SSH. |
dns <integer> |
Set the debug level of the DNS daemon. |
docker <integer> |
Set the debug level of the Docker daemon. |
dump |
Dump services. |
execmd <integer> |
Set the debug level of the execmd daemon. |
fabricsyncd <integer> |
Set the debug level of the fabricsyncd daemon (0 - 8). |
fazalertd <integer> |
Set the debug level of the fazalertd daemon (0 - 8). |
fazcfgd <integer> |
Set the debug level of the fazcfgd daemon. |
fazincid <integer> |
Set the debug level of the fazincid daemon. |
fazmaild <integer> |
Set the debug level of the fazmaild daemon. |
faznotify <integer> |
Set the debug level of the faznotify daemon. |
fazsvcd <integer> <reg exp filter> |
Set the debug level of the FAZ server daemon. Set a filter; use |
fazwatchd <integer> |
Set the debug level of the fazwatchd daemon. |
fdssvrd <integer> |
Set the debug level of the FDS server daemon. |
fgdlinkd <integer> |
Set the debug level of the FGD server daemon (0 - 8). |
fgdsvr <integer> |
Set the debug level of the FortiGuard query daemon. |
fgdupd <integer> |
Set the debug level of the FortiGuard update daemon. |
fgfmsd <integer> <deviceName> |
Set the debug level of FGFM daemon. Enter a device name to only show messages related to that device. Note: Enter |
filefwd <integer> |
Set the debug level of the filefwd daemon. |
fileparsed <integer> |
Set the debug level of the fileparsed daemon. |
fortilogd <integer> |
Set the debug level of the fortilogd daemon. |
fortimanagerws <integer> |
Set the debug level of the FortiManager Web Service. |
fortimeter <integer> |
Set the debug level of the Fortimeter. |
fsvrd <integer> |
Set the debug level of the FortiService daemon. |
gui <integer> |
Set the debug level of the GUI. |
ha <integer> |
Set the debug level of high availability daemon. |
ipsec <integer> |
Set the debug level of the IPsec daemon. |
keepalived <integer> |
Set the debug level of the keepalived daemon. |
lldp <integer> |
Set the debug level of the link layer discovery protocol (LLDP) daemon. |
localmod <integer> |
Set the debug level of the localmod daemon. |
logd <integer> |
Set the debug level of the log daemon. |
log-fetched <integer> |
Set the debug level for the log-fetched. |
logfiled <integer> |
Set the debug level of the logfilled daemon. |
logfwd <integer> |
Set the debug level of the logfwd daemon. |
lrm <integer> |
Set the debug level of the Log and Report Manager. |
oftpd <integer> <IP/deviceSerial/deviceName> |
Set the debug level of the oftpd daemon. Enter an IPv4 address, device serial number, or device name to only show messages related to that device or IPv4 address. Note: Enter |
ptmgr <integer> |
Set the debug level of the Portal Manager. |
ptsessionmgr <integer> |
Set the debug level of the Portal Session Manager. |
rptchkd <integer> |
Set the debug level of the rptchkd daemon. |
rptsched <integer> |
Set the debug level of the rptsched daemon. |
rtmmond <integer> |
Set the debug level of the real time monitor daemon. |
run-sql-rpt <integer> |
Set the debug level of the SQL report daemon. |
scansched <integer> |
Set the debug level of the scan schedule daemon. |
scheduled <integer> |
Set the debug level of the schedule task daemon. |
sdnproxy <integer> |
Set the debug level of the sdnproxy daemon. |
securityconsole <integer> |
Set the debug level of the security console daemon. |
siemagentd <integer> |
Set the debug level of the siemagentd daemon. |
siemdbd <integer> |
Set the debug level of the siemdbd daemon. |
sniffer <integer> |
Set the debug level of the interface sniffer. |
snmpd <integer> |
Set the debug level of the SNMP daemon. |
sql-integration <integer> |
Set the debug level of SQL applications. |
sqllogd <integer> |
Set the debug level of SQL log daemon. |
sqlplugind <integer> <filter> |
Set the debug level of the SQL plugin daemon. Set filter for sqlplugind. Note: Enter |
sqlreportd <integer> <filter> |
Set the debug level (0-8) of the SQL report daemon. Set the filter for sqlreportd. Note: Enter |
sqlrptcached <integer> |
Set the debug level of the SQL report caching daemon. |
srchd <integer> |
Set the debug level of the SRCH daemon. |
ssh <integer> |
Set the debug level of SSH protocol transactions. |
sshd <integer> |
Set the debug level of the SSH daemon. |
storaged <integer> |
Set the debug level of communication with java clients. |
syncsched <integer> |
Set the debug level of the syncsched daemon. |
uploadd <integer> |
Set the debug level of the upload daemon. |
vmd <integer> |
Set the debug level for vmd. |
Example
This example shows how to set the debug level to 7 for the upload daemon:
diagnose debug application uploadd 7
debug backup-oldformat-script-logs
Use this command to backup script log files that failed to be upgraded to the FTP server.
Syntax
diagnose debug backup-oldformat-script-logs <ip> <string> <username> <password>
Variable |
Description |
---|---|
<ip> |
Enter the FTP server IP address. |
<string> |
Enter the path/filename to save the log to the FTP server. |
<username> |
Enter the user name on the FTP server. |
<password> |
Enter the password associated with the user name. |
debug cdbchk
Use these commands to enable or disable CLI CDB check debug output.
Syntax
diagnose debug cdbcheck {enable | disable}
debug cli
Use this command to set the debug level of CLI.
Syntax
diagnose debug cli <integer>
Variable |
Description |
---|---|
<integer> |
Set the debug level of the CLI (0 - 8, default = 3). |
debug console
Use this command to enable or disable console debugging.
Syntax
diagnose debug console {enable | disable}
Variable |
Description |
---|---|
{enable | disable} |
Enable/disable console debugging. |
debug coredump
Use this command to manage daemon and process core dumps.
Syntax
diagnose debug coredump crash-pid <pid>
diagnose debug coredump delete <daemon>
diagnose debug coredump disable <daemon>
diagnose debug coredump disable-pid <pid>
diagnose debug coredump enable <daemon>
diagnose debug coredump enable-once <daemon>
diagnose debug coredump enable-pid <pid>
diagnose debug coredump list
diagnose debug coredump upload <daemon> <service> <ip> <username> <password> <directory>
Variable |
Description |
---|---|
crash-pid <pid> |
Crash running process for core dump. |
delete <daemon> |
Delete core dumps for a daemon. |
disable <daemon> |
Disable core dump for a daemon. |
disable-pid <pid> |
Disable core dump of running process. |
enable <daemon> |
Enable core dump for a daemon. |
enable-once <daemon> |
Enable core dump the next time a daemon starts (one time only). |
enable-pid <pid> |
Enable core dump of running process. |
list |
List core dumps. |
upload <daemon> <service> <ip> <username> <password> <directory> |
Upload core dumps for a daemon to the specified server. |
debug crashlog
Use this command to manage crash logs.
Syntax
diagnose debug crashlog clear
diagnose debug crashlog read
Variable |
Description |
---|---|
clear |
Delete backtrace and core files. |
read |
Show the crash logs. This command is hidden. |
debug disable
Use this command to disable debug.
Syntax
diagnose debug disable
debug dpm
Use this command to manage the deployment manager.
Syntax
diagnose debug dpm comm-trace {enable | disable | status}
diagnose debug dpm conf-trace {enable | disable | status}
diagnose debug dpm probe-device <ip>
Variable |
Description |
---|---|
comm-trace {enable | disable | status} |
Enable/disable a DPM to FortiGate communication trace, or view the status of it. |
conf-trace {enable | disable | status} |
Enable/disable a DPM to FortiGate configuration trace, or view the status of it. |
probe-device <ip> |
Check device status. |
debug enable
Use this command to enable debug.
Syntax
diagnose debug enable
debug gui
Use these commands to enable or disable the GUI debug flag.
Syntax
diagnose debug gui {enable | disable}
debug info
Use this command to show active debug level settings.
Syntax
diagnose debug info
debug klog
Use this command to show all kernel logs.
Syntax
diagnose debug klog clear
daignose debug klog read
debug raw-elog
Use this command to show raw elog.
Syntax
diagnose debug raw-elog
debug reset
Use this command reset the debug level settings. All debug settings will be reset.
Syntax
diagnose debug reset
debug service
Use this command to view or set the debug level of various service daemons.
Syntax
diagnose debug service anonymous <integer>
diagnose debug service cdb <integer>
diagnose debug service cmdb <integer>
diagnose debug service csf <integer>
diagnose debug service dbcache <integer>
diagnose debug service dump
diagnose debug service dvmcmd <integer>
diagnose debug service dvmdb <integer>
diagnose debug service fazcmd <integer>
diagnose debug service fazconf <integer>
diagnose debug service httpd <integer>
diagnose debug service main <integer>
diagnose debug service rpc-auth <integer>
diagnose debug service rtm <integer>
diagnose debug service sys <integer>
diagnose debug service task <integer>
Variable |
Description |
---|---|
<integer> |
The debug level |
dump |
Dump services. |
The anonymous
, dbcache
, dump
, fazcmd
, and rpc-auth
commands are only available on hardware devices.
debug sysinfo
Use this command to show system information.
Syntax
diagnose debug sysinfo
debug sysinfo-log
Use this command to generate one system log information log file every two minutes.
Syntax
diagnose debug sysinfo-log {on | off}
debug sysinfo-log-backup
Use this command to backup all system information log files to an FTP server.
Syntax
diagnose debug sysinfo-log-backup <server> <filepath> <user> <password>
Variable |
Description |
---|---|
<server> |
Enter the FTP server IPv4 address. |
<filepath> |
Enter the path/filename to save the log to the FTP server. |
<user> |
Enter the user name for the FTP server. |
<password> |
Enter the password associated with the user name. |
debug sysinfo-log-list
Use this command to show system information elogs.
Syntax
diagnose debug sysinfo-log-list <integer>
Variable |
Description |
---|---|
<integer> |
Display the last n elogs (default = 10). |
debug timestamp
Use this command to enable/disable debug timestamp.
Syntax
diagnose debug timestamp {enable | disable}
debug vmd
Use this command to show all the VMD (Virtual Machine Daemon) logs.
Syntax
diagnose debug vmd
debug vminfo
Use this command to show VM license information.
This command is only available on FortiManager VM models. |
Syntax
diagnose debug vminfo