GravityZone LogCollector for troubleshooting
Bitdefender GravityZone provides full visibility into an organization's overall security posture and global security threats, and control over the security services that protect virtual or physical desktops, servers and mobile devices. All of Bitdefender's Enterprise Security solutions are managed within GravityZone through a single console, Control Center, which provides control, reporting, and alerting services for various roles within the organization.
This article describes how to use the LogCollector scripts provided by Bitdefender to generate system logs that will help the Bitdefender Support team investigate and resolve product issues.
Bitdefender offers a logcollector archive for investigation and troubleshooting. The commands below can be used to gather full product logs:
- systeminfo -> Gather system information: dmesg; IP; memory info; CPU info; running processors; listening ports; diginfo; package versions; service status; rabbit cluster and user status; free space.
- processorlogs -> Gather all processor logs.
- ecslogs -> Gather communication server logs.
- systemlogs -> Gather system logs from /var/log
- applogs -> Gather application logs from /opt/bitdefender/var/log
- kitlogs -> Gather kit logs from /opt/bitdefender/var/www
- svalogs -> Gather Security Server (SVA) logs.
- dump -> Gather database dump.
- all -> Run all of the commands, except save and debug logging commands, which have to be run manually.
- save -> Save all gathered logs into an archive for collecting.
It is highly recommended to use the following commands only in situations where specific logs are required, and only when assisted by the Bitdefender Enterprise Support team.
Make sure to disable debug logging afterwards, using the corresponding command for each role.
- enableprocessor -> Enable debug logging for the console processors.
- disableprocessor -> Disable debug logging for the console processors.
- enablecs -> Enable debug logging for the Communication Server.
- disablecs -> Disable debug logging for the Communication Server.
- enablearrakis -> Enable debug logging for the Update Server.
- disablearrakis -> Disable debug logging for the Update Server.
- enableus -> Enable debug logging for the console Update System.
- disableus -> Disable debug logging for the console Update System.
To gather logs without debug logging enabled, follow the steps below:
- Copy the logcollector.tgz file to /home/bdadmin/ (you can use WinSCP to copy the file).
- Connect to a GravityZone CLI (you can use PuTTY as well).
- Once you have logged in as bdadmin, type sudo su and enter the password for bdadmin.
- Type cd /home/bdadmin/ to go to the directory where logcollector.tgz was copied.
- Run the command tar xzvf logcollector.tgz.
- Run ls -liah and you should see the file: logcollector
- Run the command: ./logcollector all save
- Using WinSCP, copy the logs to your Windows machine.
- Send the gzlogs_hostname_timestamp.tar.gz file, together with a detailed description of the issue, to the following email address: email@example.com.
A member of the Bitdefender Enterprise Support team will contact you shortly.
- To gather all logs without debug logging enabled:
./logcollector all save
- To enable debug logging for the console processors, gather all logs and disable debug logging:
./logcollector enableprocessor all save disableprocessor
- To enable debug logging for the console processors, gather processors logs and disable debug logging:
./logcollector enableprocessor processorlogs save disableprocessor
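One way to make sure the matching disable command is always issued, even if the gather step fails or the session is interrupted before it runs. This wrapper is an added example and is not part of Bitdefender's LogCollector. It assumes the script was extracted to /home/bdadmin/ as in the steps above and that each command may be given in its own logcollector invocation; the function name collect_with_debug is hypothetical.

```shell
#!/bin/sh
# Added example (not Bitdefender's code): run a debug-logging collection so
# that the matching disable command is always issued afterwards.
# Assumptions: the path below (from the extraction steps) and that each
# command may be passed in a separate logcollector invocation.
LOGCOLLECTOR="${LOGCOLLECTOR:-/home/bdadmin/logcollector}"

# Usage: collect_with_debug ROLE [GATHER_COMMAND...]
#   ROLE is processor, cs, arrakis or us (the enable*/disable* pairs).
#   GATHER_COMMAND defaults to "all"; "save" is appended automatically.
#   Example: collect_with_debug processor processorlogs
collect_with_debug() {
    role="${1:-}"
    case "$role" in
        processor|cs|arrakis|us) shift ;;
        *) echo "unknown role '$role' (processor|cs|arrakis|us)" >&2
           return 2 ;;
    esac
    [ "$#" -gt 0 ] || set -- all

    # Subshell: its EXIT trap fires when the subshell ends, whether the
    # gather step succeeded, failed, or was interrupted (Ctrl-C, SIGTERM).
    (
        trap '"$LOGCOLLECTOR" "disable$role" ||
              echo "WARNING: debug logging for $role may still be on" >&2' EXIT
        trap 'exit 130' INT TERM
        "$LOGCOLLECTOR" "enable$role" || exit 1
        "$LOGCOLLECTOR" "$@" save || exit 1
    )
}
```

The function returns non-zero when the enable or gather step fails, so a failed collection is still visible to the caller after debug logging has been switched back off.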