Debug command
Debug output provides continuous, real-time event information. Debugging output continues until it is explicitly stopped or until the unit is rebooted. Debugging output can affect system performance and will be continually generated even though output might not be displayed in the CLI console.
Debug information displayed in the console will scroll in the console display and may prevent CLI commands from being entered, for example, the command to disable the debug display. To turn off debugging output as the display is scrolling by, press the key to recall the recent diag debug command, press backspace, and type “0”, followed by Enter.
Debug output display is enabled using the following command:
diag debug enable
When finished examining the debug output, disable it using:
diag debug disable
Once enabled, indicate the debug information that is required using this command:
diag debug <option> <level>
Debug command options include the following:
application | application |
authd | Authentication daemon. |
cli | Debug CLI. |
cmdb-trace | Trace CLI. |
config-error-log | Configure error log info. |
console | console |
crashlog | Crash log info. |
disable | Disable debug output. |
enable | Enable debug output. |
flow | Trace packet flow in kernel. |
fsso-polling | FSSO active directory poll module. |
info | Show active debug level settings. |
kernel | kernel |
rating | Display rating info. |
report | Report for tech support. |
reset | Reset all debug level to default. |
rtmon | rtmon daemon |
sql-log-error | SQL log database error info |
urlfilter | urlfilter |
The debug level can be set at the end of the command. Typical values are 2 and 3, for example:
diag debug application DHCPS 2
diag debug application spamfilter 2
Fortinet support will advise which debugging level to use.
Timestamps can be enabled to the debug output using the following command:
diag debug console timestamp enable