Page tree
Skip to end of metadata
Go to start of metadata

Update: The Downloading a Log Bundle support tool has been updated in Lumeta 4.1 to display better in Internet Explorer browser. Also, you can now download database (-d) and spool (-c) files. You can download the most frequently used log files from the browser interface, download the heap dump, and specify the types of log files you want to download.

CLI and API commands for this support bundle are also available. See Essential CLI Procedures and Lumeta API Calls for the syntax. 

This command downloads Lumeta's current configuration and a running list of all Lumeta system activity. The resulting log file is especially useful in troubleshooting. See Lumeta API Calls and Essential CLI Procedures for API and CLI commands. 

To download a log bundle:

  1. Click Download in Settings > Support Tools > Download Log Bundle
  2. The database, spool files, and heap log are not download by default. But you can opt to include them by selecting the checkbox options for them.  

Information about what's included in the log bundle follows:

  1. lumeta-webapp.out - This is the main log file for Lumeta services.
  2. lumeta-webapp-console.log - Console logs for the lumeta webapp service.
  3. /var/log/lumeta-queries.log - All query timings are sent to the /var/log/lumeta-queries.log by default. No need to set log levels. Qery timings are not sent to lumeta-webapp.out or discovery-agent.log.
  4. /var/log/httpd/error_log - Records of all error conditions reported by the HTTP server. Use it to better understand connection issues.
  5. /var/log/httpd/access_log: Records of every page served and every file loaded by the web server
  6. /var/log/httpd/modsec_audit.log: Logs all HTTP transactions
  7. These 4 logs capture the lumeta-warehouse information:
    1. lumeta-warehouse.out
    2. lumeta-warehouse-queries.log
    3. lumeta-warehouse-pgwire.log
    4. lumeta-warehouse-console.log
  8. Other Logs - Other files in /var/logs are native Linux or 3rd-party log files. Important ones are listed here:

    Log NameLog Description

    anaconda.*

    Installation-related log files

    audit/                

    Logs from Linux audit daemon

    boot.log            

    Information logged when the system boots

    btmp

    Failed logins

    dmesg

    Kernal ring buffer information

    kern       

    Information logged by the kernel

    lastlog

    Recent login information for all users

    messages          

    Global system messages

    sa/

    Sar files collected by sysstat

    secure            

    Authentication and authorization logs

    syslog-ng.log

    Syslog messages

    wtmp

    Login records

Raw Files
The /var/spool/Lumeta/ directory contains all raw files. You can validate that discovery is taking place checking this directory and seeing that the number of files grow.  You can also search for specific IPs in this directory.

Database
To find out what IPs/CIDRs were targeted in a specific zone, follow this process:

  1. Log in as root.
  2. Run db.
  3. Run select * from zone_000x.target in which x is the name of a particular zone.
    The zone_000X.target shows what was targeted and the time it was targeted.

Setting Logging Level Details

To set the log levels for a particular Lumeta service (API, DISCOVERY, SYSLOG) , use this CLI syntax:

  • log level set debug service [ subsystem ]

Use the following command to see all SQL queries to the Postgres database.

  • log level set debug API com.lumeta.api.sql

The Java Console

Your browser's Java Console provides information about any error message that occurs while running Lumeta applications. These error messages, and additional details associated with them, are also logged in other Lumeta logs.

For your preferred browser's processes to enable and access the Java Console, search online. Those procedures vary and are beyond the scope of this page.

A Console > Network > GET and Console > Network > POST shows the GUI's response time for a particular mouse click, form submission, etc. (POST) to Lumeta and the GUI response to a particular mouse click, form submission or similar (GET). This information helps in debugging in the unlikely event you do not see the results you intended.

API

 api/rest/system/diagnostic/exports?spool={true|false}&database={true|false}
The parameters spool and database are optional and default to false.

  • No labels