Fortianalyzer
CHEATSHEET FORTIANALYZER FOR 6.0

GENERAL

Default device information

admin / [no password]
    Default login
192.168.1.99/24
    Default IP on port1
9600/8-N-1, hardware flow control disabled
    Default serial console settings

Basic commands

get system status
    Current status of FortiAnalyzer
show system interface
    Displays the network interface configuration
show system route
    Displays static routing table entries
show system dns
    Displays DNS server address
show system ntp
    Displays automatic time settings using a network time protocol (NTP) server
get system ntp
    Displays how often FortiAnalyzer synchronizes its time with the NTP server
execute shutdown / restart
    Shutdown and Restart command

Server information

get system performance
    FortiAnalyzer performance statistics
diagnose system print [option]
    View different server information (options: certificate, cpuinfo, df, hosts, interface, loadavg, partitions, route, rtcache, slabinfo, sockets, uptime, netstat)
diagnose hardware info
    Hardware statistics for CPU, memory, disk and RAID

Reset Information

execute reset all-settings
    Erases the show configuration on flash, containing IP and routes
execute reset all-except-ip
    Erases the configuration on flash, leaves the settings for IP and routes
execute format disk
    Formats Log disk

NETWORK

Network Troubleshooting

execute ping [host]
    Ping utility
execute traceroute [host]
    Traceroute utility
diag sniffer packet <interface> <filter> <level> <timestamp>
    Packet sniffer
config system fortiview settings
set resolve-ip enable
    Resolve IP address to hostname

DISK

Disk / RAID / Virtual Disk

config system locallog disk setting
set diskfull nolog / overwrite
    What happens with oldest logs
diagnose system raid [option]
    RAID information (options: status, hwinfo, alarms)
diagnose system disk [option]
    Disk information (options: info, health, errors, attributes)
execute lvm info
    For virtual machines: provides a list of available disks
execute lvm extend <disk nr.>
    For virtual machines: Add disk

ADOM

ADOM operation

config system global
    ADOM settings
set adom-status [en/dis]
    Enable or disable ADOM mode
config system global
set adom-mode [normal/advanced]
    Set ADOM mode to normal or advanced (for VDOMs)
config system global
set adom-select [en/dis]
    Displays ADOM window after login
diagnose dvm adom list
    Enabled and configured ADOMs
diagnose dvm device list
    Currently registered and unregistered devices and VDOMs
execute sql-local rebuild-adom <ADOM-name>
    Rebuild ADOM database

AUTHENTICATION

Authentication group

config sys admin group
edit <new-group>
    Group authentication server

LOGGING

Log Forwarding

config system log-forward
edit <id>
set mode <realtime, aggregation, disable>
    Forwarding logs to FortiAnalyzer / Syslog / CEF; log-aggregation, aggregation-client
config system log-forward-service
set accept-aggregation enable
    Configure the FortiAnalyzer that receives logs

Log Backup

execute backup logs <device name | all> <ftp | sftp | scp> <server ip> <user name> <password> <location on server>
    Backup logs to external storage
exec restore <options>
    Restore commands

Log Encryption

config log fortianalyzer setting
set enc-algorithm {default* | high | low | disable}
    FortiGate's encryption level
config system global
set enc-algorithm {high | medium | low*}
    FortiAnalyzer's encryption level
config system global
set log-checksum {md5 | md5-auth | none}
    Configure FortiAnalyzer to record log file hash value, timestamp and authentication code

Logging settings on FortiGate

config log fortianalyzer setting / filter
    Logging commands on FortiGate
diagnose log test
    Generates several dummy log messages
diagnose test appli miglogd 6
    Dumps statistics for log daemon
diagnose log kernel-stats
    Sent and failed log statistics
execute log fortianalyzer test-connectivity
    Test connection to FortiAnalyzer

Logging Troubleshooting

diagnose test application oftpd 8
    Daemon for receiving logs
diagnose test application logfiled 2
    Log file-related activities
diagnose log device
    Used disk space per ADOM
diagnose system print df
    Logs and all system files on mounted drive
diagnose fortilogd lograte
    Log receive rate per second
diagnose fortilogd msgrate
    Message receive rate per second
diagnose fortilogd msgrate-total
    Message receive rate totals
diagnose fortilogd msgrate-device
    Device message rate
diagnose fortilogd msgrate-type
    Message rate for each log type

REPORTING

Hard cache

diagnose sql status sqlreportd
    SQL query connections and hcache status
diagnose sql show hcache-size
    Hcache size on the file system
diagnose test application sqlrptcached <level>
    State of the hcache
diagnose test application sqlreportd 2
    Diagnose hcache creation
execute sql-report hcache-build <ADOM-name> <schedule-name> <start-time> <end-time>
    Rebuild hcache
execute sql-report list-schedule <ADOM-name>
    View report grouping information

Database

diagnose sql process list
    Current SQL processes running
diagnose sql status sqlplugind
    SQL insertion status

© BOLL Engineering AG, FortiAnalyzer Cheat Sheet Version 1.1 / 08.02.2019
Report errors, suggestions or comments to [email protected].