Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

test

Use the following commands to test the FortiManager.

test application

Use this command to test applications. Multiple variables can be entered for each command..

Syntax

diagnose test application clusterd <integer> <integer> ... <integer>

diagnose test application execmd <integer> <integer> ... <integer>

diagnose test application fazcfgd <integer> <integer> ... <integer>

diagnose test application fazmaild <integer> <integer> ... <integer>

diagnose test application fazsvcg <integer> <integer> ... <integer>

diagnose test application fazwatchd <integer> <integer> ... <integer>

diagnose test application filefwd <integer> <integer> ... <integer>

diagnose test application fortilogd <integer> <integer> ... <integer>

diagnose test application logfiled <integer> <integer> ... <integer>

diagnose test application logfwd <integer> <integer> ... <integer>

diagnose test application log-fetchd <integer> <integer> ... <integer>

diagnose test application miglogd <integer> <integer> ... <integer>

diagnose test application oftpd <integer> <integer> ... <integer>

diagnose test application rptchkd <integer> <integer> ... <integer>

diagnose test application snmpd <integer> <integer> ... <integer>

diagnose test application sqllogd <integer> <integer> ... <integer>

diagnose test application sqlrptcached <integer> <integer> ... <integer>

diagnose test application uploadd <integer> <integer> ... <integer>

Variable

Description

clusterd <integer> ...

Clusterd daemon test usage:

  • 0: usage
  • 1: log cluster diagnostic tests
  • 2: logging topology diagnostic tests
  • 99: restart daemon

execmd <integer> ...

Execmd daemon test usage:

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 99: restart daemon

fazcfgd <integer> ...

Fazcfg daemon test usage: 

  • 1: show PID
  • 2: show statistics
  • 50: test get app icon
  • 51: test download app logo files
  • 52: dvm call stats
  • 53: dvm call stats clear
  • 54: check ips/app meta-data update
  • 55: log disk readahead get
  • 56: log disk readahead toggle
  • 57: fix redis service
  • 58: check redis service
  • 84: rebuild ips meta-data table
  • 85: rebuild app meta-data table
  • 86: rebuild FortiClient Vulneribility meta-data table
  • 87: restore tidb meta-data to default version
  • 99: restart daemon

fazmaild <integer> ...

Fazmaild daemon test usage:

  • 1: show PID and daemon status
  • 2: show runtime status
  • 90: pause sending mail
  • 91: resume sending mail
  • 99: restart fazmaild daemon

fazsvcg <integer> ...

Fazsvcd daemon test usage:

  • 1: show PID
  • 2: show daemon stats and status
  • 3: list async search threads
  • 4: dump async search slot info
  • 5: show cache builder stats
  • 6: dump cache builder playlist
  • 7: dump log search filters
  • 10: show database log stats aggregated per day
  • 11: show received log stats aggregated per day
  • 50: enable or disable cache builder
  • 51: enable or disable auto custom index
  • 52: enable or disable skip-index usage
  • 60: rawlog idx cache test
  • 61: logbrowse cache stats
  • 70: show stats for device vdom cache
  • 99: restart daemon

fazwatchd <integer> ...

Fazwatchd daemon test.

filefwd <integer> ...

Filefwd daemon test usage:

  • 1: show daemon PID
  • 2: show daemon stats
  • 3: show threads stats
  • 99: restart daemon

fortilogd <integer> ...

Fortilogd Diag test usage: 

  • 0: usage information
  • 1: show fortilogd PID
  • 2: dump message status
  • 3: logstat status
  • 4: client devices status
  • 5: print log received
  • 6: switch on/off debug messages
  • 7: log forwarding prep status
  • 8: device cache reloading status
  • 9: dz_client cache status
  • 10: file stats
  • 11: stop/restart receiving logs
  • 99: restart fortilogd

logfiled <integer> ...

Logfile daemon test usage: 

  • 1: show PID
  • 2: show statistics and state
  • 4: show ADOM statistics
  • 5: show device statistics
  • 6: show auto-del statistics
  • 90: reset statistics and state
  • 91: force to preen content files info
  • 99: restart daemon

logfwd <integer> ...

Logfwd daemon test usage: 

  • 0: usage information
  • 1: show PID
  • 2: logfwd status
  • 3: logfwd configurations
  • 4: logfwd stats
  • 5: logfwd devices cache
  • 98: reset logfwd stats
  • 99: restart logfwd

log-fetchd <integer> ...

Log-fetch daemon test usage: 

  • 1: show PID
  • 2: show states
  • 3: show running sessions
  • 99: restart the daemon

miglogd <integer> ...

Miglogd daemon test usage: 

  • 1: show PID
  • 2: dump memory pool
  • 99: restart daemon

oftpd <integer> ...

Oftpd daemon test usage: 

  • 1: show PID
  • 2: show statistics and state
  • 3: show connected device name and IP
  • 4: show detailed session state
  • 5: show oftp request statistics
  • 6: show cmdb device cache
  • 7: show logfwd thread stats
  • 8: show tasklist statistics
  • 9: show unreg dev cache
  • 10: log cluster bridge stats
  • 20: show forticlent end-user stats
  • 21: rebuild forticlient end-user avatar table
  • 90: reload un-reg device tree
  • 99: restart daemon

rptchkd <integer> ...

Sqlrptcache daemon test usage:

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 4: list adoms
  • 5: re-check an adom
  • 99: restart daemon

snmpd <integer> ...

SNMP daemon test usage: 

  • 1: display daemon pid
  • 2: display snmp statistics
  • 3: clear snmp statistics
  • 4: generate test trap (cpu high)
  • 5: generate test traps (log alert, rate, data rate)
  • 6: generate test traps (licensed gb/day, device quota)
  • 99: restart daemon

sqllogd <integer> ...

SqlLog daemon test usage:  

  • 1: show PID
  • 2: show statistics and state
  • 3: show worker init state
  • 4: show worker thread info
  • 5: show log device scan info, optionally filter by <devid>
  • 7: show ADOM device list by <adom-name>
  • 8: show dev to sql-ID (sID) bitmap
  • 9: show ADOM scan sync info, optionally filter by <adom>
  • 10: show FortiClient dev to sql-ID (sID) map
  • 41: show worker 1 info
  • 70: show sql database building progress
  • 71: show the progress of upgrading log files into per-vdom storage
  • 72: run the upgrading log files into per-vdom storage
  • 80: show daemon status flags
  • 82: show ipsec up tunnels
  • 84: show all unreg logdevs
  • 96: resend all pending batch files to sqlplugind
  • 97: rebuilding warm restart
  • 98: set worker assignment to policy 'round-robin' or 'adom-affinity', daemon will restart on policy change.
  • 99: restart daemon
  • 200: diag for log based alert
  • 201: diag for utmref cache
  • 202: diag for fgt-fct corelation
  • 203: diag for logstat
  • 204: diag for post breach detection
  • 221: estimated browsing time stats
  • 224: fgt lograte cache info

sqlrptcached <integer> ...

Sqlrptcache daemon test usage: 

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 99: restart daemon

uploadd <integer> ...

Uploadd daemon test usage:

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 4: show uploadd queues content
  • 5: show upload server state
  • 50: clear log queue [mirror server1]
  • 51: clear log queue [mirror server2]
  • 52: clear log queue [mirror server3]
  • 53: clear log queue [backup]
  • 54: clear log queue [original request]
  • 55: clear log queues [all]
  • 56: clear report queue
  • 99: restart daemon

test connection

Use this command to test connections.

Syntax

diagnose test connection fortianalyzer <ip>

diagnose test connection mailserver <server-name> <mail-from> <mail-to>

diagnose test connection syslogserver <server-name>

Variable

Description

fortianalyzer <ip>

Test the connection to the FortiAnalyzer.

mailserver <server-name> <mail-from> <mail-to>

Test the connection to the mail server.

syslogserver <server-name>

Test the connection to the syslog server.

test deploymanager

Use this command to test the deployment manager.

Syntax

diagnose test deploymanager getcheckin <devid>

diagnose test deploymanager reloadconf <devid>

Variable

Description

getcheckin <devid>

Get configuration check-in information from the FortiGate.

reloadconf <devid>

Reload configuration from the FortiGate.

test policy-check

Use this command to test applications.

Syntax

diagnose test policy-check flush

diagnose test policy-check list

Variable

Description

flush

Flush all policy check sessions.

list

List all policy check sessions.

test search

Use this command to test the search daemon.

Syntax

diagnose test search flush

diagnose test search list

Variable

Description

flush

Flush all search sessions.

list

List all search sessions.

test sftp

Use this command to test the secure file transfer protocol (SFTP).

Syntax

diagnose test sftp auth <sftp server> <username> <password> <directory>

Variable

Description

auth <sftp server> <username> <password> <directory>

Test the scheduled backup.

The directory variable represents the directory on the SFTP server where you want to put the file. The default directory is "/".

test

Use the following commands to test the FortiManager.

test application

Use this command to test applications. Multiple variables can be entered for each command..

Syntax

diagnose test application clusterd <integer> <integer> ... <integer>

diagnose test application execmd <integer> <integer> ... <integer>

diagnose test application fazcfgd <integer> <integer> ... <integer>

diagnose test application fazmaild <integer> <integer> ... <integer>

diagnose test application fazsvcg <integer> <integer> ... <integer>

diagnose test application fazwatchd <integer> <integer> ... <integer>

diagnose test application filefwd <integer> <integer> ... <integer>

diagnose test application fortilogd <integer> <integer> ... <integer>

diagnose test application logfiled <integer> <integer> ... <integer>

diagnose test application logfwd <integer> <integer> ... <integer>

diagnose test application log-fetchd <integer> <integer> ... <integer>

diagnose test application miglogd <integer> <integer> ... <integer>

diagnose test application oftpd <integer> <integer> ... <integer>

diagnose test application rptchkd <integer> <integer> ... <integer>

diagnose test application snmpd <integer> <integer> ... <integer>

diagnose test application sqllogd <integer> <integer> ... <integer>

diagnose test application sqlrptcached <integer> <integer> ... <integer>

diagnose test application uploadd <integer> <integer> ... <integer>

Variable

Description

clusterd <integer> ...

Clusterd daemon test usage:

  • 0: usage
  • 1: log cluster diagnostic tests
  • 2: logging topology diagnostic tests
  • 99: restart daemon

execmd <integer> ...

Execmd daemon test usage:

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 99: restart daemon

fazcfgd <integer> ...

Fazcfg daemon test usage: 

  • 1: show PID
  • 2: show statistics
  • 50: test get app icon
  • 51: test download app logo files
  • 52: dvm call stats
  • 53: dvm call stats clear
  • 54: check ips/app meta-data update
  • 55: log disk readahead get
  • 56: log disk readahead toggle
  • 57: fix redis service
  • 58: check redis service
  • 84: rebuild ips meta-data table
  • 85: rebuild app meta-data table
  • 86: rebuild FortiClient Vulneribility meta-data table
  • 87: restore tidb meta-data to default version
  • 99: restart daemon

fazmaild <integer> ...

Fazmaild daemon test usage:

  • 1: show PID and daemon status
  • 2: show runtime status
  • 90: pause sending mail
  • 91: resume sending mail
  • 99: restart fazmaild daemon

fazsvcg <integer> ...

Fazsvcd daemon test usage:

  • 1: show PID
  • 2: show daemon stats and status
  • 3: list async search threads
  • 4: dump async search slot info
  • 5: show cache builder stats
  • 6: dump cache builder playlist
  • 7: dump log search filters
  • 10: show database log stats aggregated per day
  • 11: show received log stats aggregated per day
  • 50: enable or disable cache builder
  • 51: enable or disable auto custom index
  • 52: enable or disable skip-index usage
  • 60: rawlog idx cache test
  • 61: logbrowse cache stats
  • 70: show stats for device vdom cache
  • 99: restart daemon

fazwatchd <integer> ...

Fazwatchd daemon test.

filefwd <integer> ...

Filefwd daemon test usage:

  • 1: show daemon PID
  • 2: show daemon stats
  • 3: show threads stats
  • 99: restart daemon

fortilogd <integer> ...

Fortilogd Diag test usage: 

  • 0: usage information
  • 1: show fortilogd PID
  • 2: dump message status
  • 3: logstat status
  • 4: client devices status
  • 5: print log received
  • 6: switch on/off debug messages
  • 7: log forwarding prep status
  • 8: device cache reloading status
  • 9: dz_client cache status
  • 10: file stats
  • 11: stop/restart receiving logs
  • 99: restart fortilogd

logfiled <integer> ...

Logfile daemon test usage: 

  • 1: show PID
  • 2: show statistics and state
  • 4: show ADOM statistics
  • 5: show device statistics
  • 6: show auto-del statistics
  • 90: reset statistics and state
  • 91: force to preen content files info
  • 99: restart daemon

logfwd <integer> ...

Logfwd daemon test usage: 

  • 0: usage information
  • 1: show PID
  • 2: logfwd status
  • 3: logfwd configurations
  • 4: logfwd stats
  • 5: logfwd devices cache
  • 98: reset logfwd stats
  • 99: restart logfwd

log-fetchd <integer> ...

Log-fetch daemon test usage: 

  • 1: show PID
  • 2: show states
  • 3: show running sessions
  • 99: restart the daemon

miglogd <integer> ...

Miglogd daemon test usage: 

  • 1: show PID
  • 2: dump memory pool
  • 99: restart daemon

oftpd <integer> ...

Oftpd daemon test usage: 

  • 1: show PID
  • 2: show statistics and state
  • 3: show connected device name and IP
  • 4: show detailed session state
  • 5: show oftp request statistics
  • 6: show cmdb device cache
  • 7: show logfwd thread stats
  • 8: show tasklist statistics
  • 9: show unreg dev cache
  • 10: log cluster bridge stats
  • 20: show forticlent end-user stats
  • 21: rebuild forticlient end-user avatar table
  • 90: reload un-reg device tree
  • 99: restart daemon

rptchkd <integer> ...

Sqlrptcache daemon test usage:

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 4: list adoms
  • 5: re-check an adom
  • 99: restart daemon

snmpd <integer> ...

SNMP daemon test usage: 

  • 1: display daemon pid
  • 2: display snmp statistics
  • 3: clear snmp statistics
  • 4: generate test trap (cpu high)
  • 5: generate test traps (log alert, rate, data rate)
  • 6: generate test traps (licensed gb/day, device quota)
  • 99: restart daemon

sqllogd <integer> ...

SqlLog daemon test usage:  

  • 1: show PID
  • 2: show statistics and state
  • 3: show worker init state
  • 4: show worker thread info
  • 5: show log device scan info, optionally filter by <devid>
  • 7: show ADOM device list by <adom-name>
  • 8: show dev to sql-ID (sID) bitmap
  • 9: show ADOM scan sync info, optionally filter by <adom>
  • 10: show FortiClient dev to sql-ID (sID) map
  • 41: show worker 1 info
  • 70: show sql database building progress
  • 71: show the progress of upgrading log files into per-vdom storage
  • 72: run the upgrading log files into per-vdom storage
  • 80: show daemon status flags
  • 82: show ipsec up tunnels
  • 84: show all unreg logdevs
  • 96: resend all pending batch files to sqlplugind
  • 97: rebuilding warm restart
  • 98: set worker assignment to policy 'round-robin' or 'adom-affinity', daemon will restart on policy change.
  • 99: restart daemon
  • 200: diag for log based alert
  • 201: diag for utmref cache
  • 202: diag for fgt-fct corelation
  • 203: diag for logstat
  • 204: diag for post breach detection
  • 221: estimated browsing time stats
  • 224: fgt lograte cache info

sqlrptcached <integer> ...

Sqlrptcache daemon test usage: 

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 99: restart daemon

uploadd <integer> ...

Uploadd daemon test usage:

  • 1: show PID
  • 2: show statistics and state
  • 3: reset statistics and state
  • 4: show uploadd queues content
  • 5: show upload server state
  • 50: clear log queue [mirror server1]
  • 51: clear log queue [mirror server2]
  • 52: clear log queue [mirror server3]
  • 53: clear log queue [backup]
  • 54: clear log queue [original request]
  • 55: clear log queues [all]
  • 56: clear report queue
  • 99: restart daemon

test connection

Use this command to test connections.

Syntax

diagnose test connection fortianalyzer <ip>

diagnose test connection mailserver <server-name> <mail-from> <mail-to>

diagnose test connection syslogserver <server-name>

Variable

Description

fortianalyzer <ip>

Test the connection to the FortiAnalyzer.

mailserver <server-name> <mail-from> <mail-to>

Test the connection to the mail server.

syslogserver <server-name>

Test the connection to the syslog server.

test deploymanager

Use this command to test the deployment manager.

Syntax

diagnose test deploymanager getcheckin <devid>

diagnose test deploymanager reloadconf <devid>

Variable

Description

getcheckin <devid>

Get configuration check-in information from the FortiGate.

reloadconf <devid>

Reload configuration from the FortiGate.

test policy-check

Use this command to test applications.

Syntax

diagnose test policy-check flush

diagnose test policy-check list

Variable

Description

flush

Flush all policy check sessions.

list

List all policy check sessions.

test search

Use this command to test the search daemon.

Syntax

diagnose test search flush

diagnose test search list

Variable

Description

flush

Flush all search sessions.

list

List all search sessions.

test sftp

Use this command to test the secure file transfer protocol (SFTP).

Syntax

diagnose test sftp auth <sftp server> <username> <password> <directory>

Variable

Description

auth <sftp server> <username> <password> <directory>

Test the scheduled backup.

The directory variable represents the directory on the SFTP server where you want to put the file. The default directory is "/".