How to Obtain Tracelogs from the CLI
03/26/2020 
45 
9714
DESCRIPTION:
Technical support engineers at SonicWall require console logs to be provided for analysis when the device isn't responding via GUI or through any LAN/WAN interfaces . When the firewall locks up or becomes unresponsive there are some files, if gathered from firewall console at the time it locks up, that can help a support engineer find the probable root cause of the reported issue.
This article explains what commands should be used when a firewall locks up or becomes inaccessible via the GUI.
RESOLUTION:
This article will use Putty client to gather key information over SSH connection.
- Log in to SonicWall Firewall via Putty or another terminal emulator program.
- To save the console output to a file browse to Session | logging.
- Select option All session output under Session logging and locate a path for file to be saved as .txt.
- Select the radio button Always append to the end of it and ensure Flush log file frequently box is unchecked.
.JPG)
- Click on the session from the left hand side and type the IP address of the SonicWall under Host name and ensure SSH is selected under "Connection Type"
- Serial connection type should be selected if Firewall is connected via a console cable connection.
- Click on the Open to connect to the appliance via SSH and wait for username prompt, enter username/password and wait for the command line prompt to appear.
For 5.6.0.x firmware and up to 5.8.1.x
show tracelog current
show tracelog last
show tracelog all
show tech-support
Note: On a serial 115k connection, show tech-support command can slow down the firewall so if firewall is taking time to print a command output then avoid running this command, and contact the SonicWall Support Team for further assistance.
show cpu (search for the process and see which process has highest cpu usage )
stacktrace "process name" without " "
for example use
stacktrace zNSM
(Please run the above command for 10 to 15 times)
show mem-pools
show memory
show memzone
show fpa
show log.
For 5.9.0.x firmware versions
show tech-support
diag show tracelog current
diag show tracelog last
diag show tracelog all
diag show cpu
diag show process "process name" without " "
(Please run the above command for 10 to 15 times)
?diag show mem-pools
diag show cp-stats
diag show memory
diag show memzone
diag show fpa
show log view
For 6.1.1.X firmware versions 6.1.2.0 and 6.2.x.x
show tech-support
diag show tracelog current
diag show tracelog last
diag show tracelog all
diag show cpu
diag show process "process name" without " "
(Please run the above command for 10 to 15 times)
diag show mem-pools
diag show cp-stats
diag show memory
diag show memzone
?diag show fpa
diag show log
Attach the file which was saved for saving the console output to the support case for analysis.
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Capture Security applianceAdvanced Threat Protection for modern threat landscape
Network Security ManagerModern Security Management for today’s security landscape
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
