Fortinet black logo

CLI reference

Home FortiNDR 7.0.2 CLI reference
7.0.2
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

diagnose debug

diagnose debug

Use this command to turn debug options on or off, set debug log levels, or check the FortiNDR log.

Syntax

diagnose debug application {cmdb_event | csfd | hahbd | hasyncd | httpd | miglogd | sshd | updated | sdigestd | ndrd} <debug_level>
diagnose debug cli <debug_level>
diagnose debug coredump {clear|delete|disable|enable|list|status|upload}
diagnose debug crashlog <crash_log_date>
diagnose debug {enable | disable}
debug file {clear|disable|enable|info|show|upload}
diagnose debug kernel <debug_level>
diagnose debug process <process_name>

Variable

Description

Default

debug_level

A number from 0 to 8.

crash_log_date

A date in the format of yyyy-mm-dd to filter the crash log by date.

process_name

A specific process name. Available processes and explanations are as follows:

file_helper = file processing daemon

demo = data morking daemon

event_flow = Scenario Engine

moat_engine = Text AI Engine

moat_learn = Text AI learning Engine

pae2 = Binary AI Engine

pae_learn = Binary AI learning Engine

sniffer = Web packet sniffer

sys_mon = system monitoring daemon

oftpd = oftp daemon

sim_engine = similarity engine

Module/daemon

Description

cmdb_event

Monitor FortiNDR configuration change events.

csfd

Daemon responsible for Fortinet security fabric(csf) connection.

hahbd

Daemon responsible for HA heartbeat events.

hasyncd

Daemon responsible for HA data synchronization.

httpd

Daemon responsible for https service.

ldapcached

Daemon responsible for LDAP server querying service.

miglogd

Daemon responsible for system log generation.

ndrd

Daemon responsible for Network Detection and Response (NDR).

sdigestd

Daemon responsible for Network Share file scanning

sshd

Daemon responsible for SSH connections.

updated

Daemon responsible for FortiNDR license and ANN DB updates.
Previous
Next

diagnose debug

Use this command to turn debug options on or off, set debug log levels, or check the FortiNDR log.

Syntax

diagnose debug application {cmdb_event | csfd | hahbd | hasyncd | httpd | miglogd | sshd | updated | sdigestd | ndrd} <debug_level>
diagnose debug cli <debug_level>
diagnose debug coredump {clear|delete|disable|enable|list|status|upload}
diagnose debug crashlog <crash_log_date>
diagnose debug {enable | disable}
debug file {clear|disable|enable|info|show|upload}
diagnose debug kernel <debug_level>
diagnose debug process <process_name>

Variable

Description

Default

debug_level

A number from 0 to 8.

crash_log_date

A date in the format of yyyy-mm-dd to filter the crash log by date.

process_name

A specific process name. Available processes and explanations are as follows:

file_helper = file processing daemon

demo = data morking daemon

event_flow = Scenario Engine

moat_engine = Text AI Engine

moat_learn = Text AI learning Engine

pae2 = Binary AI Engine

pae_learn = Binary AI learning Engine

sniffer = Web packet sniffer

sys_mon = system monitoring daemon

oftpd = oftp daemon

sim_engine = similarity engine

Module/daemon

Description

cmdb_event

Monitor FortiNDR configuration change events.

csfd

Daemon responsible for Fortinet security fabric(csf) connection.

hahbd

Daemon responsible for HA heartbeat events.

hasyncd

Daemon responsible for HA data synchronization.

httpd

Daemon responsible for https service.

ldapcached

Daemon responsible for LDAP server querying service.

miglogd

Daemon responsible for system log generation.

ndrd

Daemon responsible for Network Detection and Response (NDR).

sdigestd

Daemon responsible for Network Share file scanning

sshd

Daemon responsible for SSH connections.

updated

Daemon responsible for FortiNDR license and ANN DB updates.
Previous
Next