Page tree
Skip to end of metadata
Go to start of metadata

Update: The Downloading a Log Bundle support tool has been updated in Lumeta 4.1 to display better in Internet Explorer browser. Also, you can now download database (-d) and spool (-c) files. You can download the most frequently used log files from the browser interface, download the heap dump, and specify the types of log files you want to download.

CLI and API commands for this support bundle are also available. See Essential CLI Procedures and Lumeta API Calls for the syntax. 

This command downloads Lumeta's current configuration and a running list of all Lumeta system activity. The resulting log file is especially useful in troubleshooting. See Lumeta API Calls and Essential CLI Procedures for API and CLI commands. 

To download a log bundle:

  1. Click Download in Settings > Support Tools > Download Log Bundle
  2. The database, spool files, and heap log are not download by default. But you can opt to include them by selecting the checkbox options for them.  

Information about what's included in the log bundle follows:

  1. lumeta-webapp.out - This is the main log file for Lumeta services.
  2. lumeta-webapp-console.log - Console logs for the lumeta webapp service.
  3. /var/log/lumeta-queries.log - All query timings are sent to the /var/log/lumeta-queries.log by default. No need to set log levels. Qery timings are not sent to lumeta-webapp.out or discovery-agent.log.
  4. /var/log/httpd/error_log - Records of all error conditions reported by the HTTP server. Use it to better understand connection issues.
  5. /var/log/httpd/access_log: Records of every page served and every file loaded by the web server
  6. /var/log/httpd/modsec_audit.log: Logs all HTTP transactions
  7. These 4 logs capture the lumeta-warehouse information:
    1. lumeta-warehouse.out
    2. lumeta-warehouse-queries.log
    3. lumeta-warehouse-pgwire.log
    4. lumeta-warehouse-console.log
  8. Other Logs - Other files in /var/logs are native Linux or 3rd-party log files. Important ones are listed here:

    Log NameLog Description


    Installation-related log files


    Logs from Linux audit daemon


    Information logged when the system boots


    Failed logins


    Kernal ring buffer information


    Information logged by the kernel


    Recent login information for all users


    Global system messages


    Sar files collected by sysstat


    Authentication and authorization logs


    Syslog messages


    Login records

Raw Files
The /var/spool/Lumeta/ directory contains all raw files. You can validate that discovery is taking place checking this directory and seeing that the number of files grow.  You can also search for specific IPs in this directory.

To find out what IPs/CIDRs were targeted in a specific zone, follow this process:

  1. Log in as root.
  2. Run db.
  3. Run select * from in which x is the name of a particular zone.
    The shows what was targeted and the time it was targeted.

Setting Logging Level Details

To set the log levels for a particular Lumeta service (API, DISCOVERY, SYSLOG) , use this CLI syntax:

  • log level set debug service [ subsystem ]

Use the following command to see all SQL queries to the Postgres database.

  • log level set debug API com.lumeta.api.sql

The Java Console

Your browser's Java Console provides information about any error message that occurs while running Lumeta applications. These error messages, and additional details associated with them, are also logged in other Lumeta logs.

For your preferred browser's processes to enable and access the Java Console, search online. Those procedures vary and are beyond the scope of this page.

A Console > Network > GET and Console > Network > POST shows the GUI's response time for a particular mouse click, form submission, etc. (POST) to Lumeta and the GUI response to a particular mouse click, form submission or similar (GET). This information helps in debugging in the unlikely event you do not see the results you intended.


The parameters spool and database are optional and default to false.

  • No labels