Downloading a Log Bundle

CLI and API commands for this support bundle are also available. See Essential CLI Procedures and Asset Manager API Calls for the syntax. 

This command downloads Asset Manager's current configuration and a running list of all Asset Manager system activity. The resulting log file is especially useful in troubleshooting. See Asset Manager API Calls and Essential CLI Procedures for API and CLI commands. 

To download a log bundle:

  1. Click Download in Settings > Support Tools > Download Log Bundle
  2. The database, spool files, and heap log are not download by default. But you can opt to include them by selecting the checkbox options for them.  

Information about what's included in the log bundle follows:

  1. Asset Manager-webapp.out - This is the main log file for Asset Manager services.
  2. Asset Manager-webapp-console.log - Console logs for the Asset Manager webapp service.
  3. /var/log/Asset Manager-queries.log - All query timings are sent to the /var/log/Asset Manager-queries.log by default. No need to set log levels. Qery timings are not sent to Asset Manager-webapp.out or discovery-agent.log.
  4. /var/log/httpd/error_log - Records of all error conditions reported by the HTTP server. Use it to better understand connection issues.
  5. /var/log/httpd/access_log: Records of every page served and every file loaded by the web server
  6. /var/log/httpd/modsec_audit.log: Logs all HTTP transactions
  7. These 4 logs capture the Asset Manager-warehouse information:
    1. Asset Manager-warehouse.out
    2. Asset Manager-warehouse-queries.log
    3. Asset Manager-warehouse-pgwire.log
    4. Asset Manager-warehouse-console.log
  8. Other Logs - Other files in /var/logs are native Linux or 3rd-party log files. Important ones are listed here:

    Log Name Log Description

    anaconda.*

    Installation-related log files

    audit/                

    Logs from Linux audit daemon

    boot.log            

    Information logged when the system boots

    btmp

    Failed logins

    dmesg

    Kernal ring buffer information

    kern       

    Information logged by the kernel

    lastlog

    Recent login information for all users

    messages          

    Global system messages

    sa/

    Sar files collected by sysstat

    secure            

    Authentication and authorization logs

    syslog-ng.log

    Syslog messages

    wtmp

    Login records

Raw Files
The /var/spool/Asset Manager/ directory contains all raw files. You can validate that discovery is taking place checking this directory and seeing that the number of files grow.  You can also search for specific IPs in this directory.

Database
To find out what IPs/CIDRs were targeted in a specific zone, follow this process:

  1. Log in as root.
  2. Run db.
  3. Run select * from zone_000x.target in which x is the name of a particular zone.
    The zone_000X.target shows what was targeted and the time it was targeted.

Setting Logging Level Details

To set the log levels for a particular Asset Manager service (API, DISCOVERY, SYSLOG) , use this CLI syntax:

  • log level set debug service [ subsystem ]

Use the following command to see all SQL queries to the Postgres database.

  • log level set debug API com.Asset Manager.api.sql

The Java Console

Your browser's Java Console provides information about any error message that occurs while running Asset Manager applications. These error messages, and additional details associated with them, are also logged in other Asset Manager logs.

For your preferred browser's processes to enable and access the Java Console, search online. Those procedures vary and are beyond the scope of this page.

A Console > Network > GET and Console > Network > POST shows the GUI's response time for a particular mouse click, form submission, etc. (POST) to Asset Manager and the GUI response to a particular mouse click, form submission or similar (GET). This information helps in debugging in the unlikely event you do not see the results you intended.

API

The parameters spool and database are optional and default to false: api/rest/system/diagnostic/exports?spool={true|false}&database={true|false}