Tools
This section describes the following troubleshooting tools:
execute commands
You can use the command-line interface (CLI) execute commands to run diagnostic utilities, such as nslookup, ping, and traceroute.
Execute Commands |
Description |
---|---|
|
Backup:
to a tftp server |
|
Backup FortiDDoS information to external USB disk |
|
Enable or Disable internal bypass data traffic |
|
Find and correct errors on the log disk |
|
Cleanup database transaction log files |
|
Set system date and time |
|
Domain-blocklist related operations such as upload/download domain-blocklist file, append/delete/search/merge domain-blocklist, and reset |
|
Reset system to factory default |
|
Format external USB disk |
|
Format log disk to fix specific logging issues. The requirement to
Before using Note: |
|
Update fortiguard-database |
|
SPP generate traffic statistics |
|
Reset global RRDs in case of Interface and other global related chart mismatch |
|
IPv4-blocklist related operations such as upload/download IPv4-blocklist file, append/delete/search/merge IPv4-blocklist, and reset |
|
Mount external USB disk |
|
Test DNS server to obtain domain name or IP address mapping |
|
Generate backend password |
|
Send ICMP ECHO_REQUEST to network hosts with IPv4 address: ping <host name | host ipv4> |
|
ping option settings |
|
Send ICMP6_ECHO_REQUEST to network hosts with IPv6 address: ping6 <host ipv6> |
|
ping6 option settings |
|
Reboot the system |
|
Reload appliance |
|
Repair database tables |
|
Clear/delete:
|
restapi-restart |
GUI may freeze at login. Use this command to restart the REST-API process, refresh the GUI. You may need to login again. This does not affect any other system processes and does not reboot the system. |
|
Restore image or configuration from tftp or ftp server |
|
Restore from external USB disk |
|
Reset all global and SPP RRDs |
|
Shutdown appliance |
|
Reset the threshold configuration and clear traffic history for an SPP |
|
Reset RRDs of a specific SPP in case of SPP related chart mismatch |
|
Simple telnet client |
|
Test if we can telnet to a server |
|
SPP emergency setup thresholds to adjust only certain key thresholds based on empirical knowledge |
|
Reset the threshold configuration for an SPP |
|
Display possible routes (paths) to destination host |
|
Unmount external USB disk |
|
Upload license file from tftp server only for VM |
diagnose commands
You can use the CLI diagnose commands to gather diagnostic information that can be useful to Fortinet Customer Care when diagnosing any issues with your system.
Diagnose Commands |
Description |
---|---|
blocklisted ip list
|
Displays the entire list of uploaded IP addresses for Global Protection > Blocklist > Blocklisted IPv4 tab |
blocklisted domain list
|
Displays the entire list of uploaded domains for Global Protection > Blocklist > Blocklisted Domains tab |
dataplane
Additional options: |
|
blocklisted-domain
|
Blocklisted Domains Blocklisted IPv4 addresses Detailed information about contents of DNS cache Detailed information about contents of DNS DQRM table Detailed information about contents of DNS LQ table Configuration information for each DNS profile (listed in order) Detailed information about contents of DNS TTL table Memory and usage of FortiGuard Domain Reputation table Detailed information about contents of the system Destination table Configuration information for each DTLS profile (listed in order) Detailed information about the capacity and usage of the Geo-IP table | Geo-IP information for an IP address Configuration information for each HTTP profile (listed in order) Configuration information for each ICMP profile (listed in order) Status of all system interfaces Detailed information on configuration and traffic for all system interfaces Operational status of each system port (not inline/bypass status which is Configuration information for each IP profile (listed in order) Memory and usage of FortiGuard IP Reputation table Detailed information about contents of the system Legitimate (non-spoofed) IP table Configuration information for each NTP profile (listed in order) Real-time numeric and % occupancy of many system tables Detailed information about contents of the system session table Detailed configuration, traffic and drop information for the named SPP Detailed information about contents of the system source table Configuration information for each SSL/TLS profile (listed in order) Configuration information for each TCP profile (listed in order) |
Additional options: |
|
|
set/get debug level for daemons set/get debug level for CLI and CMDB clear/get crashlog dataplane disable debug output enable debug output set/get debug level for kernel get mysql error log get nginx error log Perform RRD commands check. Will show errors only. Re-create RRD commands – used for graphing Check RRD status for each SPP Check RRD files count for each SPP Tune RRD database to eliminate drop count limit. |
Additional options: |
|
|
Fortinet use only List information for management ports Read data from a management port List information on PCI buses and connected devices List system hardware information |
|
Provides various lists of primarily management port routing information |
|
Sniffer commands for management ports |
Additional options: |
|
|
Lists top FortiDDoS processes – not the same as Linus top which should not be used – see above. Fortinet use only |
Special Fortinet Support commands
The commands described in this section are useful when you are troubleshooting an issue with the help of Fortinet Technical Support. Your Fortinet contact might ask you to run these commands to gather data they need to troubleshoot system issues.
execute backup diag_info
This command exports diagnostic information to a remote TFTP server. The following information is exported:
- System status
- Current configuration
- Hardware register values
- Event and DDoS attack log database
Use the following command syntax:
# execute backup diag_info tftp <tftp_server_ipaddress>
The filename generated stems from the appliance serial number and date. For example, diag_info-FIVM08TM20090022-2015-03-07-16-57.tgz
.
The archive includes four files with filenames similar to the following:
back_status-FIVM08TM20090022-2015-03-07-16-57
back_cfg-FIVM08TM20090022-2015-03-07-16-57
back_hw_reg-FIVM08TM20090022-2015-03-07-16-57
back_logs-FIVM08TM20090022-2015-03-07-16-57.tgz
The logs archive includes four files with filenames similar to the following:
elog@002e0000000001.MAI
elog@002e0000000001.MAD
dlog.MAI
dlog.MAD
get commands
Get Commands |
Description |
---|---|
system performance |
Displays real-time CPU and Memory % usage, matching GUI Dashboard > Status: System Resources panel. Note: Standard Linux Example: CPU Usage(in percentage): 28 Memory Usage(in percentage): 30 Uptime: 1 days 12 hours 35 minutes |
system status |
Provides the following information (example): Version: FortiDDoS-1500F v6.4.0,build0764,220805 IP Reputation DB: 00001.00020 - 2013-01-22 10:52:12 Domain Reputation DB: 00005.858 - 2020-12-14 Serial-Number: FI1K5FTE21000001 BIOS version: 00010003 Log disk: Capacity 62 GB, Used 965 MB ( 1.50%), Free 61 GB RRD disk: Capacity 369 GB, Used 242 GB (65.57%), Free 127 GB Hostname: FI1K5FTE21000001 HA configured mode: standalone HA effective mode: standalone Distribution: International License Type: - Uptime: 1 days 12 hours 33 minutes Last reboot: Mon Aug 08 18:14:46 2022 PDT System time: Wed Aug 10 06:48:45 2022 PDT |
system sensors |
Provides hardware operating sensor information for CPUs, system and PSUs. |
transceiver status |
Provides vendor, part number, serial number, voltage and optical power information from internal and pluggable SFPs if supported by the vendor. |
transceiver status portx |
Provides more detailed transceiver information for optical power, bias voltage, etc., if supported by the vendor. |