GravityZone LogCollector for troubleshooting
Bitdefender GravityZone provides full visibility into organizations' overall security posture and global security threats, and control over the security services that protect virtual or physical desktops, servers and mobile devices. All of Bitdefender's Enterprise Security solutions are managed within GravityZone through a single console, Control Center, which provides control, reporting, and alerting services for various roles within the organization.
This article describes how to use the LogCollector scripts provided by Bitdefender to generate system logs that help the Bitdefender Support team investigate and resolve product issues.
Bitdefender offers a logcollector archive for investigation and troubleshooting. The commands below gather the full product logs:
- enable -> Enable debug logging for the console.
- systeminfo -> Gather system information: dmesg; IP; memory info; CPU info; running processors; listening ports; diginfo; package versions; service status; rabbit cluster and user status; free space.
- processorlogs -> Gather all processor logs.
- ecslogs -> Gather communication server logs.
- systemlogs -> Gather system logs from /var/log.
- applogs -> Gather application logs from /opt/bitdefender/var/log.
- kitlogs -> Gather kit logs from /opt/bitdefender/var/www.
- svalogs -> Gather Security Server (SVA) logs.
- dump -> Gather database dump.
- all -> Runs all of the commands except enable, save and disable, which have to be run manually.
- save -> Save all gathered logs into an archive for collecting.
- disable -> Disable debug logging.
To use the script, follow the steps below:
- Copy the logcollector.tgz file to /home/bdadmin/ (you can use WINSCP to copy the file from Windows to Linux).
- Connect to a GravityZone CLI (you can use PUTTY as well).
- Once you have logged in as bdadmin, type sudo su and enter the password for bdadmin.
- Type cd /home/bdadmin/ to go to the directory where logcollector.tgz has been copied.
- Run the command tar xzvf logcollector.tgz.
- Run ls -liah and you should see the file: logcollector
- Enable the script: ./logcollector enable
- Try to reproduce the error if required.
- Run the commands that are needed, e.g.: ./logcollector dump. The commands can be run individually as needed or as a group, e.g.: ./logcollector enable dump
- Save the logs: ./logcollector save
- At the end, disable the script: ./logcollector disable
- Using WINSCP, copy the logs to your Windows machine.
- Send the gzlogs_hostname_timestamp.tar.gz file, together with a detailed description of the problem, to the following email address: email@example.com. A member of the Bitdefender Professional Services team will contact you shortly.
Examples:
- To gather system logs: ./logcollector enable systemlogs save disable
- To gather kit logs and a dump: ./logcollector enable kitlogs dump save disable
- To gather all logs: ./logcollector enable all save disable
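The procedure above ends with disabling debug logging, a step that is easy to miss when a gather command fails or the session is interrupted. The wrapper below is an added example, not Bitdefender's code: it validates the requested commands against the list in this article and always runs disable after enable. It assumes logcollector exits non-zero on failure and sits at /home/bdadmin/logcollector; the function names and the file name collect.sh are hypothetical.

```shell
#!/bin/sh
# Added example, not Bitdefender's code. Assumption: logcollector exits
# non-zero when a step fails (the article does not document exit codes).
LOGCOLLECTOR="${LOGCOLLECTOR:-/home/bdadmin/logcollector}"

# Gather commands listed in the article; enable/save/disable are driven below.
GATHER_CMDS="systeminfo processorlogs ecslogs systemlogs applogs kitlogs svalogs dump all"

is_gather_cmd() {
    for known in $GATHER_CMDS; do
        [ "$1" = "$known" ] && return 0
    done
    return 1
}

collect_logs() {
    [ "$#" -gt 0 ] || { echo "usage: collect_logs <command>..." >&2; return 2; }
    # Reject typos before debug logging is switched on.
    for c in "$@"; do
        is_gather_cmd "$c" || { echo "unknown command: $c" >&2; return 2; }
    done
    command -v "$LOGCOLLECTOR" >/dev/null || { echo "not found: $LOGCOLLECTOR" >&2; return 2; }

    # If the session is interrupted, still switch debug logging off.
    trap '"$LOGCOLLECTOR" disable; exit 130' INT TERM
    "$LOGCOLLECTOR" enable || { trap - INT TERM; return 1; }

    rc=0
    for c in "$@"; do
        "$LOGCOLLECTOR" "$c" || { echo "step failed: $c" >&2; rc=1; break; }
    done
    # Build the archive only when every gather step succeeded.
    if [ "$rc" -eq 0 ]; then
        "$LOGCOLLECTOR" save || rc=1
    fi
    # Runs on success and on failure, so debug logging is switched off again.
    "$LOGCOLLECTOR" disable || rc=1
    trap - INT TERM
    return "$rc"
}

# Example: sh collect.sh kitlogs dump
if [ "$#" -gt 0 ]; then
    collect_logs "$@"
fi
```

A non-zero exit status means a step failed or a command name was not recognised; in the first case no archive is saved and the run should be repeated.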