Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
      All Products A–Z
      Free Trials
    • Network Security
      • Next-Generation Firewall (NGFW)
      • Network Security Services
      • Network Security Management
      • Secure SD-WAN
    • Threat Protection
      • Advanced Threat Protection Cloud
      • Advanced Threat Protection Appliance
      • Capture Labs
    • Secure Access Service Edge (SASE)
      • Zero-Trust Network Access (ZTNA)
    • Cloud Security
      • Cloud Firewall
      • Cloud App Security
    • Endpoint Security
      • Endpoint Detection & Response (EDR)
    • Email Security
      • Cloud Email Security
      • Hosted Email Security
      • On-Prem Email Security
    • Secure Access
      • Wireless Access Points
      • Network Switch
      • Virtual Private Network (VPN)
    • Wi-Fi 6 Access Points

      SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.

      Read More
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure Wi-Fi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Events
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Events
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • SonicWall Promotions
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Logs on SMA1000 and its importance for troubleshooting.

10/22/2020 61 People found this article helpful 185,158 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    What logs on SMA1000 needed for investigating or troubleshooting  issues.  

    Resolution


    Logs and their requirement:

    • All logs on SMA1000 device logs are not end user friendly.  These logs might be  requested by  SonicWALL Support or SonicWALL Engineering for investigating an issue.
    • On event of failure or issue or symptom reported by Customer logs would help in reviewing the cause or state of device.
    • All logs could be specifically pulled or exported with the help of Snapshot*
    •  How to Enable Debug logging on SMA1000.  This link would help you in navigating to log enabling section on SMA1000.


    Log categories and respective logs


    1) Management Console related issues:

    /var/log/aventail/management.log , log.1...n.   (Support for Analysis might request for higher level of logging).


    2) Upgrade failure or Hotfix update failure:       (Support for Analysis might request for higher level of logging).

    /var/log/aventail/mangement.log,log.1...n

    /var/log/aventail/upgrade.log,log.1..n

    #df -h output 


    3)  Workplace related issues:                                 (Support for Analysis might request for higher level of logging).

    /var/log/aventail/workplace.log

    /var/log/aventail/wp_init.log


    4)  Application access failures over browser or SSO Failure   with logging level raised to highest or as recommended by SonicWall Support

    extraweb_plaintext.log,

    extraweb_access.log

    workplace.log

    wp_init.log

    access_servers.log

    getinfo logs for the period issue was tried or being reported.

    client based capture, network trace captured from browser.


    5) Users unable to authenticate & Tunnel access failures with logging level raised to highest or as recommended by SonicWall Support

    /var/log/aventail/access_servers.log

    appliance packet capture

    date & time on appliance and NTP related info

    Client logs and capture  (Section Client logs)

    extraweb_plaintext.log,  (SAML or browser based authentication)

    extraweb_access.log       (SAML or browser based authentication)


    6)  Appliance reboot or device failure or All users dropped  with logging level raised to highest or as recommended by SonicWall Support

    /var/log/kern.log,log.1,log..n

    /var/log/dmesg.log,log.1...log..n

    any trace files under 

    /var/log/core or /var/log/dump  Note: For initial analysis all *.trace files are good for analysis we might need *.gz file if tracefiles are corrupt.

    /var/log/aventail/access_servers.log,log.1,log..n 

    /var/log/aventail/servicemgr.log,log.1,log..n

    /var/log/aventail/ctrl-service.log,log.1,log..n

    /var/log/aventail/getinfo (All files recorded for specific day + two previous days)


    7)  CMS /GTO Synchronization related issues:  with logging level raised to highest or as recommended by SonicWall Support

    /var/log/aventail/management.log

    /var/log/couchdb/couch.log, 

    /var/log/aventail/couchdb_proxy_access.log

    /var/log/replicator/*

    data & Time on appliances & CMS


    Snapshot

    Management Console-Troubleshooting-Snapshot- 

    Once selected would create and download snapshot.tgz to your default downloads directory.

    Note: 

    a) snapshot :   (Do not run or execute  Snapshot option when your appliance is with High CPU or High Memory or device is running with low diskspace or High user load)

    b) Encrypting a Snapshot needs  password.  And the same to be shared for decrypting.


    Generic Note:

    a) For all issues we recommend to provide getinfo logs (which provides health Status over a period of time.)

    /var/log/avential/getinfo/ (  Note Please provide getinfo logs for entire period of date and time in addition providing previous day(s) would help in analyzing respective services and  appliance functionality).

    b) Configuration export -Management Console-Maintenance-Export (.aea extension)

    c)  Current level of hotfix applied to the device.



    Related Articles

    • How to secure Virtual Office portal from all external access
    • Lost Admin Password Recovery for SMA500v
    • Same syslog source for all SMA devices

    Categories

    • Secure Mobile Access > SMA 1000 Series > Logging

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2023 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top