GravityZone LogCollector for troubleshooting
Bitdefender GravityZone provides full visibility into organizations' overall security posture, global security threats, and control over its security services that protect virtual or physical desktops, servers and mobile devices. All Bitdefender's Enterprise Security solutions are managed within the GravityZone through a single console, Control Center, that provides control, reporting, and alerting services for various roles within the organization.
This article describes how to use the LogCollector scripts provided by Bitdefender to generate system logs, that will help Bitdefender Support team to investigate and resolve product issues.
Bitdefender offers a logcollector archive, to be used in investigation and troubleshooting, which with the help of the below commands can gather default product logs (without debug logging enabled):
- systeminfo -> Gather system information: dmesg; IP; memory info; CPU info; running processors; listening ports; diginfo; package versions; service status; rabbit cluster and user status; free space.
- processorlogs -> Gather all processor logs.
- ecslogs -> Gather communication server logs.
- systemlogs -> Gather system logs from /var/log
- applogs -> Gather application logs from /opt/bitdefender/var/log
- kitlogs -> Gather kit logs from /opt/bitdefender/var/www
- svalogs -> Gather Security Server (SVA) logs.
- dump -> Gather database dump.
- all -> Run all of the commands, except save and debug logging commands, which have to be run manually.
- save -> Save all gathered logs into an archive for collecting.
It is highly recommended to use the following commands in situations where advanced specific logs (with debug logging enabled) are required and only assisted by Bitdefender Enterprise Support team.
Make sure to disable debug logging using the corresponding command for each role.
- enableprocessor -> Enable debug logging for the console processors.
- disableprocessor -> Disable debug logging for the console processors.
- enablecs -> Enable debug logging for the Communication Server.
- disablecs -> Disable debug logging for the Communication Server.
- enablearrakis -> Enable debug logging for the Update Server.
- disablearrakis -> Disable debug logging for the Update Server.
- enableus -> Enable debug logging for the console Update System.
- disableus -> Disable debug logging for the console Update System.
To gather default logs, follow the below steps:
- Copy the logcollector.tgz file to /home/bdadmin/
You can use WinSCP to copy the file.
- Connect to a GravityZone CLI.
You can use PuTTY as well.
- Once you have logged as bdadmin, type sudo su and the password for bdadmin.
- Type cd /home/bdadmin/ to go to the directory where logcollector.tgz was copied.
- Run the command tar xzvf logcollector.tgz
- Run ls -liah and you should see the file: logcollector
- Run the command: ./logcollector all save
- Using WinSCP, copy the log file on your Windows machine.
- Send the gzlogs_hostname_timestamp.tar.gz file, together with a detailed description of the issue, to the following email address: email@example.com
A member of the Bitdefender Enterprise Support team will contact you shortly.
- To gather all default logs:
./logcollector all save
- To enable debug logging for more than one role:
./logcollector enableprocessor enablecs
- To gather all advanced logs and disable debug logging for Communication Server and console processors:
./logcollector all save disablecs disableprocessor