Hot!FAZ not collecting logs after moving FGT from one ADOM to another ADOM

Author
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
2017/08/26 10:06:11 (permalink)
0

FAZ not collecting logs after moving FGT from one ADOM to another ADOM

We use FAZ in analyzer mode with ADOMs. We recently moved a FGT from one ADOM to another, and then log collection just stopped for that device. I've tried removing the FGT device in FAZ and re-registering it, and it still fails to collect logs. I have also re-built the SQL db for that ADOM and re-indexed, but still no luck.
On the FGT, if I click TEST CONNECTIVITY button, everything looks fine--it shows the name of the FAZ, status is REGISTERED, and connection status and all priviliges get a green check mark. It also shows the number of logs that it is sending to the FAZ. But I don't know where they are going once they hit the FAZ.
Any suggestions would be appreciated!
#1
emnoc
Expert Member
  • Total Posts : 4215
  • Scores: 237
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 06:42:11 (permalink)
0
Does the fortigate show up in the device list? Are you  100% sure you edit the new adom and select that device? Have you  check the FAZ event logs for any clues?
 
 

PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
#2
scao_FTNT
optimizzz
  • Total Posts : 471
  • Scores: 23
  • Reward points: 0
  • Joined: 2012/08/27 11:39:44
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 09:50:20 (permalink)
0
can you help provide "diag dvm device list", "diag dvm adom list" and "diag log device"?
 
Thanks
 
Simon
#3
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 12:59:16 (permalink)
0
Result of "diag dvm device list"
 
TYPE            OID    SN               HA      IP              NAME                                 ADOM                                 IPS                FIRMWARE       

faz enabled     260    FG100Exxxxx01629 -       172.xx.xx.250   Axxxxxxxxxxxxxx                      Axxxxxxxxx                           N/A                5.0 MR4 (5873)

        |- STATUS: db: unknown; conf: unknown; cond: unknown; dm: none; conn: unknown

        |- vdom:[3]root flags:0 adom:Axxxxxxxxx pkg:[never-installed]
post edited by ATC - 2017/08/27 13:00:23
#4
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 13:05:17 (permalink)
0
Result of "diag log device" (removed non-essential info)
==============================================

FAZVM64-HV # diag log device

Device Name          Device ID            Used Space(logs / quarantine / content / IPS) Allocated Space  Used%

Axxxxxxxxxxxxxx     FG100Exxxxxx01629        0.0KB(   0.0KB/   0.0KB/   0.0KB/   0.0KB) unlimited        n/a  

Total: 17 log devices, used=52.0GB quota=unlimited

 

 

AdomName         AdomOID  Type                                 Logs                                                     Database

                                [Retention   Quota   UsedSpace(logs / quarantine / content / IPS) Used%]  [Retention   Quota      Used   Used%]


Axxxxxxxxx       148      FGT     365days    14.6GB   12.2GB(  12.2GB/   0.0KB/   0.0KB/   0.0KB) 83.2%      60days    34.2GB   16.1GB   47.1%


Total usage: 23 ADOMs, logs=52.0GB database=112.6GB(ADOMs usage:111.9GB + Internal Usage:707.8MB)

 

Total Quota Summary:

    Total Quota      Allocated        Available        Allocate%       

    884.2GB          543.0GB          341.2GB          61.4%

 

System Storage Summary:

    Total            Used             Available        Use%            

    984.2GB          171.4GB          812.8GB          17.4%

 

Reserved space: 100.0GB (10.2% of total space).
#5
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 13:09:44 (permalink)
0
REsults of "diag dvm adom list" (removed non-essential info)
=========================================
 
FAZVM64-HV # diag dvm adom list

There are currently 24 ADOMs:

OID      STATE    PRODUCT OSVER MR  NAME                                 MODE    VPN MANAGEMENT        IPS                

148      enabled  FOS     5.0   2   Axxxxxxxxx                        Normal  Policy & Device VPNs  N/A                


---End ADOM list---
 
#6
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 13:20:11 (permalink)
0
To answer your questions emnoc:
-Yes, the fortigate shows up in the device list under the correct ADOM with a red dot under the LOGS column. We have another device in this ADOM and it is logging correctly.
-See event log below. This shows when I deleted and re-registering the device in lines 329-332; but 9 minutes later in line 328 it says no logs received from the device in last 4215 minutes. SO I don't think deleting the device took care of everything.
 
 
328 2017-08-26 11:50:50    warning     system                 FortiAnalyzer event  Device[FG100Exxxxx01629] did not receive any log in last 4215 minutes.
329 2017-08-26 11:41:11 information system                 FortiAnalyzer event  Added unregistered device FG100Exxxxx01629 to unregistered table
330 2017-08-26 11:41:11    information device ...             Device manager event Device FG100Exxxxx01629 add succeeded
331 2017-08-26 11:36:46    warning     system                 FortiAnalyzer event  Deleted all log files of FG100Exxxxx01629 due to device deletion.
332 2017-08-26 11:36:46    notice      admin-GUI(24.7.214.66) Device manager event Deleted device Axxxxxxxxxxxx-FGT100E (FG100Exxxxx01629)
 
 
post edited by ATC - 2017/08/27 13:26:45
#7
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 13:32:32 (permalink)
0
See attached screen shot showing that the FGT100E is connected and sending logs to the FAZ, as well as the FAZ eventlog which shows that no logs have been received.

Attached Image(s)

#8
emnoc
Expert Member
  • Total Posts : 4215
  • Scores: 237
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 18:45:27 (permalink)
0
Okay try this
 
on the fgt 
 
execute log  filter dev  2 ( double check 2 is FAZ )
execute log  filter category 0
execute log  display
 
 
Does that show  or present any logs? And how about
 
execute log  filter category 1
execute log  display
 
Same thing do you show logs? Also what version of FAZ do you have?  v5.0.x on the FGT is very old imho.
 
 

PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
#9
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/27 19:11:25 (permalink)
0
We are on FAZ 5.4.3.
 
Here are the results from the fortigate, which is also on 5.4.3. I would've guessed I was having a problem with the FAZ, but this looks like a FGT problem?
 
FG100Exxxxx01629 # exec log filter dev
Available devices:
 0: memory
 1: faz
 2: fds

FG100Exxxxx01629 # exec log filter dev 1
FG100Exxxxx01629 # exec log filter category 0
FG100Exxxxx01629 # exec log display
0 logs found.
0 logs returned.
0.0% of logs has been searched.
 
FG100Exxxxx01629 # exec log filter dev 1
FG100Exxxxx01629 # exec log filter category 1
FG100Exxxxx01629 # exec log display
0 logs found.
0 logs returned.
0.0% of logs has been searched.
#10
emnoc
Expert Member
  • Total Posts : 4215
  • Scores: 237
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/28 07:17:47 (permalink)
0
Okay run the following
 
 
 diag  debug application   logd -1

 diag  debug application  sqllogd -1

 diag debug en
 
Do you have anything similar

DEFRAHOFAZ1 # Request:
{ "client": "\/bin\/fazcfgd:452", "id": 1, "method": "set", "params": [ { "data": { "action": "device offline", "msg": "Device[FGT80C3912302831] did not receive any log in last 8565 minutes.", "user": "system", "userfrom": "system" }, "url": "\/log\/event\/faz\/device_offline" } ] }
 
 
 
Just let it run and capture any  displayed diagnostics
 
Ken
 

PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
#11
hzhao_FTNT
Platinum Member
  • Total Posts : 318
  • Scores: 44
  • Reward points: 0
  • Joined: 2014/09/12 10:03:54
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/28 10:21:04 (permalink)
0
Please collect below info on both FGT and FAZ:
==============
FGT
==============

1 get log fortianalyzer setting
2 diag test app miglogd 2
3 diag test app miglogd 6 (for 3 times)
4 diag siniffer pack any "host fazip and port 514" 3

=================
FAZ
=============
diag  test app fortilogd 2 (for 3 times)
diag fortilogd msgrate-device
diag test app logfi 5 FGT-SN
diag test app sqll 84
diag test app oft 4  FGT-SN (for 3 times)
diag deb cra read 
 
regards,
hz
#12
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/29 19:37:54 (permalink)
0
Ken:
 
I ran the debug commands you gave me for about 5 minutes and this is the only log captured.
 
FAZVM64-HV # diag debug application logd -1
FAZVM64-HV # diag debug application sqllogd -1
FAZVM64-HV # diag debug en
Request:
{ "client": "\/bin\/fazcfgd:630", "id": 1, "method": "set", "params": [ { "data": { "action": "device offline", "msg": "Device[FG100Exxxxx01629] did not receive any log in last 9092 minutes.", "user": "system", "userfrom": "system" }, "url": "\/log\/event\/faz\/device_offline" } ] }


#13
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/29 20:11:11 (permalink)
0
HZ: Here are the results of the diagnostics you wanted me to run.
 
***** Results on FGT of get log fortianalyzer setting*********

FG100Exxxxx01629 # get log fortianalyzer setting
path=log.fortianalyzer, objname=setting, tablename=(null), size=248
status              : enable
ips-archive         : enable
server              : 172.22.10.253
enc-algorithm       : disable
conn-timeout        : 10
monitor-keepalive-period: 5
monitor-failure-retry-period: 5
source-ip           : 172.22.27.250
upload-option       : realtime
reliable            : enable


 

*********** Results on FGT of diag test app miglogd 2 ********

FG100Exxxxx01629 # diag test app miglogd 2
vdom root: id=0, working, master-ip=169.254.0.1, resolve port, donot resolve IP
    dst-geo=1 src-geo=1 brief_format=disabled
event filter:
     event
 system vpn user router wireless wad endpoint ha compliance-check
memory log: enabled
    status=1, diskfull=0
filter: severity=4, sz_exclude_list=0
     event voip
subcategory:
    traffic: forward multicast sniffer
    event: system vpn user router wireless wad endpoint
    anomaly: anomaly
REAL-TIME LOGGING DEVICES:
memory is enabled: ID=0
filter: severity=4, sz_exclude_list=0
     event voip
subcategory:
    traffic: forward multicast sniffer
    event: system vpn user router wireless wad endpoint ha compliance-check
    anomaly: anomaly
faz is enabled: ID=10
filter: severity=6, sz_exclude_list=0
     event voip
subcategory:
    traffic: forward local multicast sniffer
    event: system vpn user router wireless wad endpoint ha compliance-check
    anomaly: anomaly
custom field cache:
IPV4:
IPV6:



**********Results on FGT of diag test app miglogd 6 (for 3 times) ********

FG100Exxxxx01629 # diag test app miglogd 6
mem=384698, disk=0, alert=0, alarm=0, sys=0, faz=17912032, webt=0, fds=0
interface-missed=8
Queues Total in miglogds: maxium=22448 current:1954
global log dev statistics:
faz 0: sent=10332299, failed=7572951, cached=4933, lz4slowpath=164626, relayed=0


FG100Exxxxx01629 # diag test app miglogd 6
mem=384706, disk=0, alert=0, alarm=0, sys=0, faz=17912121, webt=0, fds=0
interface-missed=8
Queues Total in miglogds: maxium=22448 current:1954
global log dev statistics:
faz 0: sent=10332299, failed=7573041, cached=4933, lz4slowpath=164626, relayed=0


FG100Exxxxx01629 # diag test app miglogd 6
mem=384716, disk=0, alert=0, alarm=0, sys=0, faz=17912264, webt=0, fds=0
interface-missed=8
Queues Total in miglogds: maxium=22448 current:1954
global log dev statistics:
faz 0: sent=10332299, failed=7573188, cached=4933, lz4slowpath=164628, relayed=0




********* Results on FGT of diag siniffer pack any "host fazip and port 514" 3  *************

FG100Exxxxx01629 # diag sniffer pack any "host 172.22.10.253 and port 514" 3
interfaces=[any]
filters=[host 172.22.10.253 and port 514]
2.197144 172.22.27.250.19029 -> 172.22.10.253.514: syn 4261028169
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     003c e32d 4000 4006 d86a ac16 1bfa ac16    .<.-@.@..j......
0x0020     0afd 4a55 0202 fdfa 2149 0000 0000 a002    ..JU....!I......
0x0030     369c 4cab 0000 0204 0576 0402 080a 17d4    6.L......v......
0x0040     c264 0000 0000 0103 0306                   .d........
2.239136 172.22.10.253.514 -> 172.22.27.250.19029: syn 1907677944 ack 4261028170
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 0000 4000 3f06 bca0 ac16 0afd ac16    .4..@.?.........
0x0020     1bfa 0202 4a55 71b4 daf8 fdfa 214a 8012    ....JUq.....!J..
0x0030     7210 c5be 0000 0204 0576 0101 0402 0103    r........v......
0x0040     030a                                       ..
 
2.239243 172.22.27.250.19029 -> 172.22.10.253.514: ack 1907677945
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 e32e 4000 4006 d87d ac16 1bfa ac16    .(..@.@..}......
0x0020     0afd 4a55 0202 fdfa 214a 71b4 daf9 5010    ..JU....!Jq...P.
0x0030     00db 778b 0000                             ..w...
2.239816 172.22.27.250.19029 -> 172.22.10.253.514: psh 4261028170 ack 1907677945
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     01e1 e32f 4000 4006 d6c3 ac16 1bfa ac16    .../@.@.........
0x0020     0afd 4a55 0202 fdfa 214a 71b4 daf9 5018    ..JU....!Jq...P.
0x0030     00db 3ecd 0000 0200 0100 0000 0031 0000    ..>..........1..
0x0040     01b9 0300 0000 0000 0028 c849 1164 889a    .........(.I.d..
0x0050     47a7 2d89 780d 974d dba5 3780 20f6 93de    G.-.x..M..7.....
0x0060     aec7 2f45 a8dc e106 f64b 0400 0000 0000    ../E.....K......
0x0070     001c 45b5 5f24 9801 6807 8c44 4329 e63e    ..E._$..h..DC).>
0x0080     dd20 7454 d161 1d00 0000 0000 0018 4647    ..tT.a........FG
0x0090     3130 3045 3451 3137 3030 3136 3239 3d00    100Exxxxx01629=.
0x00a0     0000 0000 011f 5665 7273 696f 6e3a 2046    ......Version:.F
0x00b0     6f72 7469 4761 7465 2d31 3030 4520 7635    ortiGate-100E.v5
0x00c0     2e34 2e33 2c62 7569 6c64 3538 3733 2c31    .4.3,build5873,1
0x00d0     3631 3231 3620 2847 4129 0a56 6972 7573    61216.(GA).Virus
0x00e0     2d44 423a 2035 312e 3030 3239 3928 3230    -DB:.51.00299(20
0x00f0     3137 2d30 382d 3239 2031 373a 3135 290a    17-08-29.17:15).
0x0100     4950 532d 4442 3a20 3132 2e30 3032 3130    IPS-DB:.12.00210
0x0110     2832 3031 372d 3038 2d32 3520 3031 3a30    (2017-08-25.01:0
0x0120     3729 0a53 6572 6961 6c2d 4e75 6d62 6572    7).Serial-Number
0x0130     3a20 4647 3130 3045 3451 3137 3030 3136    :.FG100Exxxxx016
0x0140     3239 0a42 6f74 6e65 7420 4442 3a20 342e    29.Botnet.DB:.4.
0x0150     3030 3033 3628 3230 3137 2d30 382d 3239    00036(2017-08-29
0x0160     2031 303a 3030 290a 5669 7274 7561 6c20    .10:00).Virtual.
0x0170     646f 6d61 696e 2063 6f6e 6669 6775 7261    domain.configura
0x0180     7469 6f6e 3a20 6469 7361 626c 650a 4375    tion:.disable.Cu
0x0190     7272 656e 7420 4841 206d 6f64 653a 2073    rrent.HA.mode:.s
0x01a0     7461 6e64 616c 6f6e 650a 4375 7272 656e    tandalone.Curren
0x01b0     7420 4841 2067 726f 7570 3a20 0a1e 0000    t.HA.group:.....
0x01c0     0000 0000 0c00 0000 0120 0000 0000 0000    ................
0x01d0     0e47 4d54 612b 351f 0000 0000 0000 0c59    .GMTa+5........Y
0x01e0     a620 a72c 0000 0000 0000 0c00 0000 01      ...,...........
2.283051 172.22.10.253.514 -> 172.22.27.250.19029: ack 4261028611
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 5029 4000 3f06 6c83 ac16 0afd ac16    .(P)@.?.l.......
0x0020     1bfa 0202 4a55 71b4 daf9 fdfa 2303 5010    ....JUq.....#.P.
0x0030     001e 768f 0000                             ..v...
2.283095 172.22.10.253.514 -> 172.22.27.250.19029: psh 1907677945 ack 4261028611
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0040 502a 4000 3f06 6c6a ac16 0afd ac16    .@P*@.?.lj......
0x0020     1bfa 0202 4a55 71b4 daf9 fdfa 2303 5018    ....JUq.....#.P.
0x0030     001e 23cf 0000 0100 0100 0000 0031 0000    ..#..........1..
0x0040     0018 0100 0000 0000 000c 0000 4f4b         ............OK
2.283156 172.22.27.250.19029 -> 172.22.10.253.514: ack 1907677969
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 e330 4000 4006 d87b ac16 1bfa ac16    .(.0@.@..{......
0x0020     0afd 4a55 0202 fdfa 2303 71b4 db11 5010    ..JU....#.q...P.
0x0030     00db 75ba 0000                             ..u...
2.283255 172.22.27.250.19029 -> 172.22.10.253.514: psh 4261028611 ack 1907677969
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 e331 4000 4006 d86e ac16 1bfa ac16    .4.1@.@..n......
0x0020     0afd 4a55 0202 fdfa 2303 71b4 db11 5018    ..JU....#.q...P.
0x0030     00db 6368 0000 1100 0100 0000 0032 0000    ..ch.........2..
0x0040     000c                                       ..
2.327608 172.22.10.253.514 -> 172.22.27.250.19029: psh 1907677969 ack 4261028623
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0062 502b 4000 3f06 6c47 ac16 0afd ac16    .bP+@.?.lG......
0x0020     1bfa 0202 4a55 71b4 db11 fdfa 230f 5018    ....JUq.....#.P.
0x0030     001e 192f 0000 0100 0100 0000 0032 0000    .../.........2..
0x0040     003a 0c00 0000 0000 0010 0000 0000 0000    .:..............
0x0050     0000 3300 0000 0000 0009 0631 0000 0000    ..3........1....
0x0060     0000 0c00 0010 0034 0000 0000 0000 0900    .......4........
2.327720 172.22.27.250.19029 -> 172.22.10.253.514: fin 4261028623 ack 1907678027
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 e332 4000 4006 d879 ac16 1bfa ac16    .(.2@.@..y......
0x0020     0afd 4a55 0202 fdfa 230f 71b4 db4b 5011    ..JU....#.q..KP.
0x0030     00db 7573 0000                             ..us..
2.372021 172.22.10.253.514 -> 172.22.27.250.19029: fin 1907678027 ack 4261028624
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 502c 4000 3f06 6c80 ac16 0afd ac16    .(P,@.?.l.......
0x0020     1bfa 0202 4a55 71b4 db4b fdfa 2310 5011    ....JUq..K..#.P.
0x0030     001e 762f 0000                             ..v/..
2.372102 172.22.27.250.19029 -> 172.22.10.253.514: ack 1907678028
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 e333 4000 4006 d878 ac16 1bfa ac16    .(.3@.@..x......
0x0020     0afd 4a55 0202 fdfa 2310 71b4 db4c 5010    ..JU....#.q..LP.
0x0030     00db 7572 0000                             ..ur..
4.164772 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589022 ack 1116647348
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 56b8 4000 4006 64e8 ac16 1bfa ac16    .4V.@.@.d.......
0x0020     0afd 44d6 0202 7701 87de 428e afb4 5018    ..D...w...B...P.
0x0030     00db cad9 0000 1100 0100 001d 1ac4 0000    ................
0x0040     000c                                       ..
 
4.210972 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589034
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 0027 4000 3f06 bc85 ac16 0afd ac16    .(.'@.?.........
0x0020     1bfa 0202 44d6 428e afb4 7701 87ea 5010    ....D.B...w...P.
0x0030     0024 f885 0000                             .$....
4.211047 172.22.10.253.514 -> 172.22.27.250.17622: psh 1116647348 ack 1996589034
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0062 0028 4000 3f06 bc4a ac16 0afd ac16    .b.(@.?..J......
0x0020     1bfa 0202 44d6 428e afb4 7701 87ea 5018    ....D.B...w...P.
0x0030     0024 809a 0000 0100 0100 001d 1ac4 0000    .$..............
0x0040     003a 0c00 0000 0000 0010 0000 0000 0000    .:..............
0x0050     0000 3300 0000 0000 0009 0631 0000 0000    ..3........1....
0x0060     0000 0c00 0010 0034 0000 0000 0000 0900    .......4........
4.211166 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589034 ack 1116647406
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0040 56b9 4000 4006 64db ac16 1bfa ac16    .@V.@.@.d.......
0x0020     0afd 44d6 0202 7701 87ea 428e afee 5018    ..D...w...B...P.
0x0030     00db a505 0000 0100 0100 0000 0000 0000    ................
0x0040     0018 0100 0000 0000 000c 0000 4f4b         ............OK
 
4.291936 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589058
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 0029 4000 3f06 bc83 ac16 0afd ac16    .(.)@.?.........
0x0020     1bfa 0202 44d6 428e afee 7701 8802 5010    ....D.B...w...P.
0x0030     0024 f833 0000                             .$.3..
9.174878 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589058 ack 1116647406
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 56ba 4000 4006 64e6 ac16 1bfa ac16    .4V.@.@.d.......
0x0020     0afd 44d6 0202 7701 8802 428e afee 5018    ..D...w...B...P.
0x0030     00db ca7a 0000 1100 0100 001d 1ac5 0000    ...z............
0x0040     000c                                       ..
9.218018 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589070
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 002a 4000 3f06 bc82 ac16 0afd ac16    .(.*@.?.........
0x0020     1bfa 0202 44d6 428e afee 7701 880e 5010    ....D.B...w...P.
0x0030     0024 f827 0000                             .$.'..
9.218089 172.22.10.253.514 -> 172.22.27.250.17622: psh 1116647406 ack 1996589070
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0062 002b 4000 3f06 bc47 ac16 0afd ac16    .b.+@.?..G......
0x0020     1bfa 0202 44d6 428e afee 7701 880e 5018    ....D.B...w...P.
0x0030     0024 803b 0000 0100 0100 001d 1ac5 0000    .$.;............
0x0040     003a 0c00 0000 0000 0010 0000 0000 0000    .:..............
0x0050     0000 3300 0000 0000 0009 0631 0000 0000    ..3........1....
0x0060     0000 0c00 0010 0034 0000 0000 0000 0900    .......4........
9.218817 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589070 ack 1116647464
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0040 56bb 4000 4006 64d9 ac16 1bfa ac16    .@V.@.@.d.......
0x0020     0afd 44d6 0202 7701 880e 428e b028 5018    ..D...w...B..(P.
0x0030     00db a4a7 0000 0100 0100 0000 0000 0000    ................
0x0040     0018 0100 0000 0000 000c 0000 4f4b         ............OK
9.310399 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589094
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 002c 4000 3f06 bc80 ac16 0afd ac16    .(.,@.?.........
0x0020     1bfa 0202 44d6 428e b028 7701 8826 5010    ....D.B..(w..&P.
0x0030     0024 f7d5 0000                             .$....
12.330994 172.22.27.250.2582 -> 172.22.10.253.514: syn 255638338
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     003c 7d1b 4000 4006 3e7d ac16 1bfa ac16    .<}.@.@.>}......
0x0020     0afd 0a16 0202 0f3c bb42 0000 0000 a002    .......<.B......
0x0030     369c ddba 0000 0204 0576 0402 080a 17d4    6........v......
0x0040     c659 0000 0000 0103 0306                   .Y........
12.379271 172.22.10.253.514 -> 172.22.27.250.2582: syn 3940005035 ack 255638339
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 0000 4000 3f06 bca0 ac16 0afd ac16    .4..@.?.........
0x0020     1bfa 0202 0a16 ead7 b4ab 0f3c bb43 8012    ...........<.C..
0x0030     7210 07ed 0000 0204 0576 0101 0402 0103    r........v......
0x0040     030a                                       ..
12.379387 172.22.27.250.2582 -> 172.22.10.253.514: ack 3940005036
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 7d1c 4000 4006 3e90 ac16 1bfa ac16    .(}.@.@.>.......
0x0020     0afd 0a16 0202 0f3c bb43 ead7 b4ac 5010    .......<.C....P.
0x0030     00db b9b9 0000                             ......
12.380025 172.22.27.250.2582 -> 172.22.10.253.514: psh 255638339 ack 3940005036
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     01e1 7d1d 4000 4006 3cd6 ac16 1bfa ac16    ..}.@.@.<.......
0x0020     0afd 0a16 0202 0f3c bb43 ead7 b4ac 5018    .......<.C....P.
0x0030     00db 00b1 0000 0200 0100 0000 00df 0000    ................
0x0040     01b9 0300 0000 0000 0028 c849 1164 889a    .........(.I.d..
0x0050     47a7 2d89 780d 974d dba5 1769 6543 55b1    G.-.x..M...ieCU.
0x0060     34f4 1ef5 f4a6 2a4d 2a73 0400 0000 0000    4.....*M*s......
0x0070     001c dd2c d93c 31e4 563f c0db a590 5dc9    ...,.<1.V?....].
0x0080     f444 65b8 7125 1d00 0000 0000 0018 4647    .De.q%........FG
0x0090     3130 3045 3451 3137 3030 3136 3239 3d00    100Exxxxx01629=.
0x00a0     0000 0000 011f 5665 7273 696f 6e3a 2046    ......Version:.F
0x00b0     6f72 7469 4761 7465 2d31 3030 4520 7635    ortiGate-100E.v5
0x00c0     2e34 2e33 2c62 7569 6c64 3538 3733 2c31    .4.3,build5873,1
0x00d0     3631 3231 3620 2847 4129 0a56 6972 7573    61216.(GA).Virus
0x00e0     2d44 423a 2035 312e 3030 3239 3928 3230    -DB:.51.00299(20
0x00f0     3137 2d30 382d 3239 2031 373a 3135 290a    17-08-29.17:15).
0x0100     4950 532d 4442 3a20 3132 2e30 3032 3130    IPS-DB:.12.00210
0x0110     2832 3031 372d 3038 2d32 3520 3031 3a30    (2017-08-25.01:0
0x0120     3729 0a53 6572 6961 6c2d 4e75 6d62 6572    7).Serial-Number
0x0130     3a20 4647 3130 3045 3451 3137 3030 3136    :.FG100Exxxxx016
0x0140     3239 0a42 6f74 6e65 7420 4442 3a20 342e    29.Botnet.DB:.4.
0x0150     3030 3033 3628 3230 3137 2d30 382d 3239    00036(2017-08-29
0x0160     2031 303a 3030 290a 5669 7274 7561 6c20    .10:00).Virtual.
0x0170     646f 6d61 696e 2063 6f6e 6669 6775 7261    domain.configura
0x0180     7469 6f6e 3a20 6469 7361 626c 650a 4375    tion:.disable.Cu
0x0190     7272 656e 7420 4841 206d 6f64 653a 2073    rrent.HA.mode:.s
0x01a0     7461 6e64 616c 6f6e 650a 4375 7272 656e    tandalone.Curren
0x01b0     7420 4841 2067 726f 7570 3a20 0a1e 0000    t.HA.group:.....
0x01c0     0000 0000 0c00 0000 0120 0000 0000 0000    ................
0x01d0     0e47 4d54 612b 351f 0000 0000 0000 0c59    .GMTa+5........Y
0x01e0     a620 b12c 0000 0000 0000 0c00 0000 01      ...,...........
 
12.421855 172.22.10.253.514 -> 172.22.27.250.2582: ack 255638780
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 201b 4000 3f06 9c91 ac16 0afd ac16    .(..@.?.........
0x0020     1bfa 0202 0a16 ead7 b4ac 0f3c bcfc 5010    ...........<..P.
0x0030     001e b8bd 0000                             ......
 
12.426028 172.22.10.253.514 -> 172.22.27.250.2582: psh 3940005036 ack 255638780
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0040 201c 4000 3f06 9c78 ac16 0afd ac16    .@..@.?..x......
0x0020     1bfa 0202 0a16 ead7 b4ac 0f3c bcfc 5018    ...........<..P.
0x0030     001e 654f 0000 0100 0100 0000 00df 0000    ..eO............
0x0040     0018 0100 0000 0000 000c 0000 4f4b         ............OK
 
12.426091 172.22.27.250.2582 -> 172.22.10.253.514: ack 3940005060
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 7d1e 4000 4006 3e8e ac16 1bfa ac16    .(}.@.@.>.......
0x0020     0afd 0a16 0202 0f3c bcfc ead7 b4c4 5010    .......<......P.
0x0030     00db b7e8 0000                             ......
 
12.426222 172.22.27.250.2582 -> 172.22.10.253.514: psh 255638780 ack 3940005060
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 7d1f 4000 4006 3e81 ac16 1bfa ac16    .4}.@.@.>.......
0x0020     0afd 0a16 0202 0f3c bcfc ead7 b4c4 5018    .......<......P.
0x0030     00db a4e8 0000 1100 0100 0000 00e0 0000    ................
0x0040     000c                                       ..
 
12.467466 172.22.10.253.514 -> 172.22.27.250.2582: psh 3940005060 ack 255638792
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0062 201d 4000 3f06 9c55 ac16 0afd ac16    .b..@.?..U......
0x0020     1bfa 0202 0a16 ead7 b4c4 0f3c bd08 5018    ...........<..P.
0x0030     001e 5aaf 0000 0100 0100 0000 00e0 0000    ..Z.............
0x0040     003a 0c00 0000 0000 0010 0000 0000 0000    .:..............
0x0050     0000 3300 0000 0000 0009 0631 0000 0000    ..3........1....
0x0060     0000 0c00 0010 0034 0000 0000 0000 0900    .......4........
 
12.467623 172.22.27.250.2582 -> 172.22.10.253.514: fin 255638792 ack 3940005118
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 7d20 4000 4006 3e8c ac16 1bfa ac16    .(}.@.@.>.......
0x0020     0afd 0a16 0202 0f3c bd08 ead7 b4fe 5011    .......<......P.
0x0030     00db b7a1 0000                             ......
 
12.509912 172.22.10.253.514 -> 172.22.27.250.2582: fin 3940005118 ack 255638793
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 201e 4000 3f06 9c8e ac16 0afd ac16    .(..@.?.........
0x0020     1bfa 0202 0a16 ead7 b4fe 0f3c bd09 5011    ...........<..P.
0x0030     001e b85d 0000                             ...]..
 
12.509992 172.22.27.250.2582 -> 172.22.10.253.514: ack 3940005119
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 7d21 4000 4006 3e8b ac16 1bfa ac16    .(}!@.@.>.......
0x0020     0afd 0a16 0202 0f3c bd09 ead7 b4ff 5010    .......<......P.
0x0030     00db b7a0 0000                             ......
 
14.184843 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589094 ack 1116647464
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 56bc 4000 4006 64e4 ac16 1bfa ac16    .4V.@.@.d.......
0x0020     0afd 44d6 0202 7701 8826 428e b028 5018    ..D...w..&B..(P.
0x0030     00db ca1b 0000 1100 0100 001d 1ac6 0000    ................
0x0040     000c                                       ..
 
14.231627 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589106
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 002d 4000 3f06 bc7f ac16 0afd ac16    .(.-@.?.........
0x0020     1bfa 0202 44d6 428e b028 7701 8832 5010    ....D.B..(w..2P.
0x0030     0024 f7c9 0000                             .$....
 
14.231696 172.22.10.253.514 -> 172.22.27.250.17622: psh 1116647464 ack 1996589106
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0062 002e 4000 3f06 bc44 ac16 0afd ac16    .b..@.?..D......
0x0020     1bfa 0202 44d6 428e b028 7701 8832 5018    ....D.B..(w..2P.
0x0030     0024 7fdc 0000 0100 0100 001d 1ac6 0000    .$..............
0x0040     003a 0c00 0000 0000 0010 0000 0000 0000    .:..............
0x0050     0000 3300 0000 0000 0009 0631 0000 0000    ..3........1....
0x0060     0000 0c00 0010 0034 0000 0000 0000 0900    .......4........
 
14.231795 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589106 ack 1116647522
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0040 56bd 4000 4006 64d7 ac16 1bfa ac16    .@V.@.@.d.......
0x0020     0afd 44d6 0202 7701 8832 428e b062 5018    ..D...w..2B..bP.
0x0030     00db a449 0000 0100 0100 0000 0000 0000    ...I............
0x0040     0018 0100 0000 0000 000c 0000 4f4b         ............OK
 
14.315881 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589130
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 002f 4000 3f06 bc7d ac16 0afd ac16    .(./@.?..}......
0x0020     1bfa 0202 44d6 428e b062 7701 884a 5010    ....D.B..bw..JP.
0x0030     0024 f777 0000                             .$.w..
 
^[19.194919 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589130 ack 1116647522
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0034 56be 4000 4006 64e2 ac16 1bfa ac16    .4V.@.@.d.......
0x0020     0afd 44d6 0202 7701 884a 428e b062 5018    ..D...w..JB..bP.
0x0030     00db c9bc 0000 1100 0100 001d 1ac7 0000    ................
0x0040     000c                                       ..
 
19.236717 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589142
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 0030 4000 3f06 bc7c ac16 0afd ac16    .(.0@.?..|......
0x0020     1bfa 0202 44d6 428e b062 7701 8856 5010    ....D.B..bw..VP.
0x0030     0024 f76b 0000                             .$.k..
 
19.240620 172.22.10.253.514 -> 172.22.27.250.17622: psh 1116647522 ack 1996589142
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0062 0031 4000 3f06 bc41 ac16 0afd ac16    .b.1@.?..A......
0x0020     1bfa 0202 44d6 428e b062 7701 8856 5018    ....D.B..bw..VP.
0x0030     0024 7f7d 0000 0100 0100 001d 1ac7 0000    .$.}............
0x0040     003a 0c00 0000 0000 0010 0000 0000 0000    .:..............
0x0050     0000 3300 0000 0000 0009 0631 0000 0000    ..3........1....
0x0060     0000 0c00 0010 0034 0000 0000 0000 0900    .......4........
 
19.240928 172.22.27.250.17622 -> 172.22.10.253.514: psh 1996589142 ack 1116647580
0x0000     0000 0000 0000 0000 0000 0000 0800 4500    ..............E.
0x0010     0040 56bf 4000 4006 64d5 ac16 1bfa ac16    .@V.@.@.d.......
0x0020     0afd 44d6 0202 7701 8856 428e b09c 5018    ..D...w..VB...P.
0x0030     00db a3eb 0000 0100 0100 0000 0000 0000    ................
0x0040     0018 0100 0000 0000 000c 0000 4f4b         ............OK
 
19.323260 172.22.10.253.514 -> 172.22.27.250.17622: ack 1996589166
0x0000     0000 0000 0001 0000 0000 0000 0800 4500    ..............E.
0x0010     0028 0032 4000 3f06 bc7a ac16 0afd ac16    .(.2@.?..z......
0x0020     1bfa 0202 44d6 428e b09c 7701 886e 5010    ....D.B...w..nP.
0x0030     0024 f719 0000                             .$....
 
^C
44 packets received by filter
0 packets dropped by kernel




********Results on FAZ of FAZVM64-HV # diag test app fortilogd 2 ***********

FAZVM64-HV # diag test app fortilogd 2
 
Msgs received    : 5787806
  NonReliable    : 5787806
Msgs written    : 5787781
Logs received    : 17131091
Logs written    : 17131021
Flush expiry    : 2(sec), ioutil=0%
Buf-full Flush    : 0.12%
Writter 0 stats    : msg=1098012 iowrt=458053
Writter 1 stats    : msg=592612 iowrt=300763
Writter 2 stats    : msg=1274524 iowrt=479105
Writter 3 stats    : msg=2822641 iowrt=486945
Cache buf cnt    : 28506, 1489 (29995)
 
 
FAZVM64-HV # diag test app fortilogd 2
 
Msgs received    : 5787901
  NonReliable    : 5787901
Msgs written    : 5787872
Logs received    : 17131356
Logs written    : 17131273
Flush expiry    : 2(sec), ioutil=2%
Buf-full Flush    : 0.12%
Writter 0 stats    : msg=1098029 iowrt=458062
Writter 1 stats    : msg=592619 iowrt=300768
Writter 2 stats    : msg=1274544 iowrt=479113
Writter 3 stats    : msg=2822680 iowrt=486956
Cache buf cnt    : 28411, 1577 (29988)
 
 
FAZVM64-HV # diag test app fortilogd 2
 
Msgs received    : 5787967
  NonReliable    : 5787967
Msgs written    : 5787947
Logs received    : 17131520
Logs written    : 17131474
Flush expiry    : 2(sec), ioutil=0%
Buf-full Flush    : 0.12%
Writter 0 stats    : msg=1098051 iowrt=458076
Writter 1 stats    : msg=592628 iowrt=300774
Writter 2 stats    : msg=1274558 iowrt=479120
Writter 3 stats    : msg=2822710 iowrt=486963
Cache buf cnt    : 28345, 1648 (29993





*******Results on FAZ of diag fortilogd msgrate-device *****************

FAZVM64-HV # diag fortilogd msgrate-device
 
Log messages per second
Totals                    Last Hour       Day      Week
-------------------------------------------------------
    FGHA001863xxxxx_CID:      1.53      1.85      1.47
        FGT60Dxxxxx10045:      0.84      0.97      0.79
    FGHA002019xxxxx8_CID:      1.04      7.43      4.58
        FGT60Dxxxxx19990:      0.78      1.14      0.81
        FWF90Dxxxxx06161:      0.87      1.66      1.28
        FGT80Cxxxxx7379:      1.95      2.80      2.17
        FWF90Dxxxxx00929:      1.96      2.37      1.93
        FGT60Dxxxxx73936:      0.50      2.37      1.53
        FGT60Exxxxx77654:      0.71      1.16      1.03
        FG100Dxxxxx03252:      8.46     12.70      8.62
        FGT60Cxxxxx13586:      0.79      1.07      0.81
        FGT60Exxxxx91388:      0.13      0.16      0.16
        FGT90Dxxxxx07335:      2.65      3.92      3.12
    FGHA000693xxxxx7_CID:      0.02      0.02      0.02
        FGT60Exxxxx79662:      0.02      0.02      0.02



 

*************Results on FAZ of diag test app logfi 5 ************

FAZVM64-HV # diag test app logfi 5 FG100Exxxxx01629
Device: FG100Exxxxx01629
  quota         : unlimited, last_scan=0, last_dvm_update=1503765981
  files         : log=0.0KB, quarantine=0.0KB, content=0.0KB, ips=0.0KB
  quota-trimmed:: log=0(0.0KB), quarantine=0(0.0KB), content=0(0.0KB), ips=0(0.0KB)




***********Results on FAZ of diag test app sqll 84 ************

FAZVM64-HV # diag test app sqll 84
sn=SYSLOG-AC645801 ip=0.0.0.0
sn=SYSLOG-C0A801FB ip=0.0.0.0
 
Total Unregistered Devices: 2


(NOTE: The FGT in question is NOT one of these unregistered devices.) 




**********Results on FAZ of diag test app oft 4 FG100Exxxxx01629 (3 times)***********

FAZVM64-HV # diag test app oft 4 FG100Exxxxx01629
#1     wrk_id=1 devid=FG100Exxxxx01629 ip=172.22.27.250 firmware=FortiGate 5.4.3,build5873 (GA) #msgs=3 sock=17 epoll-flag=1 last-req-type=DISK_USAGE_REQUEST last-req-time=546599 last-msg-io=546599 #recv-timeout=0 #tcp-logs=0 #quar-files-succ=0 #quar-files-fail=0 #cont-files-succ=0 #cont-files-fail=0 highest-block-time-to-commit=0 #store-log-succ=0 #store-log-fail=0 #store-log-import-fail=0 started=Tue Aug 29 21:25:31 2017
 last-log-store: start=0 end=0 time-used=0 ack-code=0 size=0 import-time-used=0
 
#2     wrk_id=1 devid=FG100Exxxxx01629 ip=172.22.27.250 firmware=FortiGate 5.4.3,build5873 (GA) #msgs=117360 sock=40 epoll-flag=1 last-req-type=DISK_USAGE_REQUEST last-req-time=546734 last-msg-io=546734 #recv-timeout=0 #tcp-logs=0 #quar-files-succ=0 #quar-files-fail=0 #cont-files-succ=0 #cont-files-fail=0 highest-block-time-to-commit=0 #store-log-succ=0 #store-log-fail=0 #store-log-import-fail=0 started=Sat Aug 26 11:45:56 2017
 last-log-store: start=0 end=0 time-used=0 ack-code=0 size=0 import-time-used=0

FAZVM64-HV # diag test app oft 4 FG100Exxxxx01629
#1     wrk_id=1 devid=FG100Exxxxx01629 ip=172.22.27.250 firmware=FortiGate 5.4.3,build5873 (GA) #msgs=3 sock=17 epoll-flag=1 last-req-type=DISK_USAGE_REQUEST last-req-time=546599 last-msg-io=546599 #recv-timeout=0 #tcp-logs=0 #quar-files-succ=0 #quar-files-fail=0 #cont-files-succ=0 #cont-files-fail=0 highest-block-time-to-commit=0 #store-log-succ=0 #store-log-fail=0 #store-log-import-fail=0 started=Tue Aug 29 21:25:31 2017
 last-log-store: start=0 end=0 time-used=0 ack-code=0 size=0 import-time-used=0
 
#2     wrk_id=1 devid=FG100Exxxxx01629 ip=172.22.27.250 firmware=FortiGate 5.4.3,build5873 (GA) #msgs=117384 sock=40 epoll-flag=1 last-req-type=DISK_USAGE_REQUEST last-req-time=546794 last-msg-io=546794 #recv-timeout=0 #tcp-logs=0 #quar-files-succ=0 #quar-files-fail=0 #cont-files-succ=0 #cont-files-fail=0 highest-block-time-to-commit=0 #store-log-succ=0 #store-log-fail=0 #store-log-import-fail=0 started=Sat Aug 26 11:45:56 2017
 last-log-store: start=0 end=0 time-used=0 ack-code=0 size=0 import-time-used=0


FAZVM64-HV # diag test app oft 4 FG100Exxxxx01629
#1     wrk_id=1 devid=FG100Exxxxx01629 ip=172.22.27.250 firmware=FortiGate 5.4.3,build5873 (GA) #msgs=3 sock=17 epoll-flag=1 last-req-type=DISK_USAGE_REQUEST last-req-time=546599 last-msg-io=546599 #recv-timeout=0 #tcp-logs=0 #quar-files-succ=0 #quar-files-fail=0 #cont-files-succ=0 #cont-files-fail=0 highest-block-time-to-commit=0 #store-log-succ=0 #store-log-fail=0 #store-log-import-fail=0 started=Tue Aug 29 21:25:31 2017
 last-log-store: start=0 end=0 time-used=0 ack-code=0 size=0 import-time-used=0
 
#2     wrk_id=1 devid=FG100Exxxxx01629 ip=172.22.27.250 firmware=FortiGate 5.4.3,build5873 (GA) #msgs=117408 sock=40 epoll-flag=1 last-req-type=DISK_USAGE_REQUEST last-req-time=546855 last-msg-io=546855 #recv-timeout=0 #tcp-logs=0 #quar-files-succ=0 #quar-files-fail=0 #cont-files-succ=0 #cont-files-fail=0 highest-block-time-to-commit=0 #store-log-succ=0 #store-log-fail=0 #store-log-import-fail=0 started=Sat Aug 26 11:45:56 2017
 last-log-store: start=0 end=0 time-used=0 ack-code=0 size=0 import-time-used=0



*********** Results on FAZ of diag deb cra read ***************************

2017-01-28 14:00:59 <17681> CS:  0033   FS: 0000   GS: 0000
2017-01-28 14:00:59 <17681> Trap: 0000000000000000     Error: 0000000000000000
2017-01-28 14:00:59 <17681> OldMask: 0000000000000000
2017-01-28 14:00:59 <17681> CR2: 0000000000000000
2017-01-28 14:00:59 <17681> Backtrace:
2017-01-28 14:00:59 <17681> [0x7ff9354ebfc4] => ../../lib/libsegfault.so  liboffset 00001fc4
2017-01-28 14:00:59 <17681> [0x7ff935814ecf] => ../../lib/libpthread.so.0  liboffset 0000cecf
2017-01-28 14:00:59
 
2017-01-28 14:00:59 <17683> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-01-28 14:00:59 <17683> application fmgd
2017-01-28 14:00:59 <17683> *** signal 6 (Aborted) received ***
2017-01-28 14:00:59 <17683> Register dump:
2017-01-28 14:00:59 <17683> RAX: 0000000000000000    RBX: 00007fff3b370c30
2017-01-28 14:00:59 <17683> RCX: ffffffffffffffff    RDX: 0000000000000006
2017-01-28 14:00:59 <17683> R8:  0000000000004513    R9:  0000000000000006
2017-01-28 14:00:59 <17683> R10: 0000000000000008    R11: 0000000000000202
2017-01-28 14:00:59 <17683> R12: 00007fff3b3712b0    R13: 0000000000000007
2017-01-28 14:00:59 <17683> R14: 00007fff3b370d50    R15: 00007ff92fe79b18
2017-01-28 14:00:59 <17683> RSI: 0000000000004513    RDI: 0000000000004513
2017-01-28 14:00:59 <17683> RBP: 00007ff92edea730    RSP: 00007fff3b370b88
2017-01-28 14:00:59 <17683> RIP: 00007ff92fda544b    EFLAGS: 0000000000000202
2017-01-28 14:00:59 <17683> CS:  0033   FS: 0000   GS: 0000
2017-01-28 14:00:59 <17683> Trap: 0000000000000000     Error: 0000000000000000
2017-01-28 14:00:59 <17683> OldMask: 0000000000000000
2017-01-28 14:00:59 <17683> CR2: 0000000000000000
2017-01-28 14:00:59 <17683> Backtrace:
2017-01-28 14:00:59 <17683> [0x7ff9354ebfc4] => ../../lib/libsegfault.so  liboffset 00001fc4
2017-01-28 14:00:59 <17683> [0x7ff935814ecf] => ../../lib/libpthread.so.0  liboffset 0000cecf
2017-01-28 14:00:59
 
2017-02-28 15:10:46 <00611> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-02-28 15:10:46 <00611> application oftpd
2017-02-28 15:10:46 <00611> *** signal 11 (Segmentation fault) received ***
2017-02-28 15:10:46 <00611> Register dump:
2017-02-28 15:10:46 <00611> RAX: 0000000000000003    RBX: 000000000196b100
2017-02-28 15:10:46 <00611> RCX: 0000000000000000    RDX: 000000000192f6d0
2017-02-28 15:10:46 <00611> R8:  0000000000000000    R9:  0000203a22656761
2017-02-28 15:10:46 <00611> R10: 000000000192f6d0    R11: 0000000000000001
2017-02-28 15:10:46 <00611> R12: 00000000018e5920    R13: 00000000018fa1f0
2017-02-28 15:10:46 <00611> R14: 0000000001935c20    R15: 0000000000000003
2017-02-28 15:10:46 <00611> RSI: 00000000018e5920    RDI: 000000000196b100
2017-02-28 15:10:46 <00611> RBP: 00000000412a4080    RSP: 00000000412a4048
2017-02-28 15:10:46 <00611> RIP: 0000000000000000    EFLAGS: 0000000000010206
2017-02-28 15:10:46 <00611> CS:  0033   FS: 0000   GS: 0000
2017-02-28 15:10:46 <00611> Trap: 000000000000000e     Error: 0000000000000014
2017-02-28 15:10:46 <00611> OldMask: 0000000000000000
2017-02-28 15:10:46 <00611> CR2: 0000000000000000
2017-02-28 15:10:46 <00611> Backtrace:
2017-02-28 15:10:46 <00611> [0x00000000]  
2017-02-28 15:10:46 <00611> [0x7f3f3d04af01] => ../../../lib/libjson.so (vfprintf+0x00002f01)
2017-02-28 15:10:46 <00611> [0x7f3f3d04b293] => ../../../lib/libjson.so (vfprintf+0x00003293)
2017-02-28 15:10:46 <00611> [0x7f3f3d04b622] => ../../../lib/libjson.so (json_object_to_json_string+0x00000040)
2017-02-28 15:10:46 <00611> [0x0042256a] => /bin/oftpd  
2017-02-28 15:10:46 <00611> [0x00423cf9] => /bin/oftpd  
2017-02-28 15:10:46 <00611> [0x00417561] => /bin/oftpd  
2017-02-28 15:10:46 <00611> [0x0042d229] => /bin/oftpd  
2017-02-28 15:10:46 <00611> [0x7f3f3c55520a] => ../../../lib/libpthread.so.0  
2017-02-28 15:10:46
 
2017-02-28 15:10:53 <01642> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-02-28 15:10:53 <01642> application oftpd
2017-02-28 15:10:53 <01642> *** signal 11 (Segmentation fault) received ***
2017-02-28 15:10:53 <01642> Register dump:
2017-02-28 15:10:53 <01642> RAX: 00000000027715d0    RBX: 0000000000000000
2017-02-28 15:10:53 <01642> RCX: 0000000000000000    RDX: 000000000000000a
2017-02-28 15:10:53 <01642> R8:  fefefefefefefeff    R9:  0000000000000000
2017-02-28 15:10:53 <01642> R10: 00000000027715d0    R11: 00007fce9b5d6bf0
2017-02-28 15:10:53 <01642> R12: 00000000027715d0    R13: 0000000002810450
2017-02-28 15:10:53 <01642> R14: 000000000043dcfa    R15: 0000000043389ce0
2017-02-28 15:10:53 <01642> RSI: 000000000043dcfa    RDI: 000000000043dcfa
2017-02-28 15:10:53 <01642> RBP: 0000000043389860    RSP: 0000000043389840
2017-02-28 15:10:53 <01642> RIP: 00007fce9c0cbc3d    EFLAGS: 0000000000010202
2017-02-28 15:10:53 <01642> CS:  0033   FS: 0000   GS: 0000
2017-02-28 15:10:53 <01642> Trap: 000000000000000e     Error: 0000000000000004
2017-02-28 15:10:53 <01642> OldMask: 0000000000000000
2017-02-28 15:10:53 <01642> CR2: 0000000000000048
2017-02-28 15:10:53 <01642> Backtrace:
2017-02-28 15:10:53 <01642> [0x7fce9c0cbc3d] => ../../../lib/libjson.so (lh_table_lookup_entry+0x00000014)
2017-02-28 15:10:53 <01642> [0x7fce9c0cbda4] => ../../../lib/libjson.so (lh_table_delete+0x00000011)
2017-02-28 15:10:53 <01642> [0x7fce9c0ca551] => ../../../lib/libjson.so (json_object_object_add+0x00000030)
2017-02-28 15:10:53 <01642> [0x00422130] => /bin/oftpd  
2017-02-28 15:10:53 <01642> [0x00423c20] => /bin/oftpd  
2017-02-28 15:10:53 <01642> [0x00417561] => /bin/oftpd  
2017-02-28 15:10:53 <01642> [0x0042d229] => /bin/oftpd  
2017-02-28 15:10:53 <01642> [0x7fce9b5d420a] => ../../../lib/libpthread.so.0  
2017-02-28 15:10:53
 
2017-02-28 15:11:08 <01691> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-02-28 15:11:08 <01691> application oftpd
2017-02-28 15:11:08 <01691> *** signal 11 (Segmentation fault) received ***
2017-02-28 15:11:08 <01691> Register dump:
2017-02-28 15:11:08 <01691> RAX: 0000000000000000    RBX: 00000000024680c0
2017-02-28 15:11:08 <01691> RCX: 00000000024f0860    RDX: 637265705f64656e
2017-02-28 15:11:08 <01691> R8:  0000000000000000    R9:  2fa46472d779e625
2017-02-28 15:11:08 <01691> R10: 0000000000000000    R11: 00007f0b0f1e1e74
2017-02-28 15:11:08 <01691> R12: 0000000000000020    R13: 0000000000000260
2017-02-28 15:11:08 <01691> R14: 00007f0b0ea209f0    R15: 00007f0b0ea20980
2017-02-28 15:11:08 <01691> RSI: 00007f0b0e8ffc20    RDI: 00007f0b0ea20980
2017-02-28 15:11:08 <01691> RBP: 00000000024680e0    RSP: 0000000042bc40d0
2017-02-28 15:11:08 <01691> RIP: 00007f0b0e865150    EFLAGS: 0000000000010202
2017-02-28 15:11:08 <01691> CS:  0033   FS: 0000   GS: 0000
2017-02-28 15:11:08 <01691> Trap: 000000000000000e     Error: 0000000000000004
2017-02-28 15:11:08 <01691> OldMask: 0000000000000000
2017-02-28 15:11:08 <01691> CR2: 0000000000000018
2017-02-28 15:11:08 <01691> Backtrace:
2017-02-28 15:11:08 <01691> [0x7f0b135c8fc4] => ../../../lib/libsegfault.so  liboffset 00001fc4
2017-02-28 15:11:08 <01691> [0x7f0b0e82b4df] => ../../../lib/libc.so.6  
2017-02-28 15:11:08
 
2017-02-28 15:11:17 <01936> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-02-28 15:11:17 <01936> application oftpd
2017-02-28 15:11:17 <01936> *** signal 11 (Segmentation fault) received ***
2017-02-28 15:11:17 <01936> Register dump:
2017-02-28 15:11:17 <01936> RAX: 00007eff3a72f064    RBX: 00007f003a72ecc4
2017-02-28 15:11:17 <01936> RCX: 0000000000000000    RDX: 00007eff3a72f064
2017-02-28 15:11:17 <01936> R8:  00007f003a72ecb0    R9:  0000000000001000
2017-02-28 15:11:17 <01936> R10: 0000000000000000    R11: 0000000000000000
2017-02-28 15:11:17 <01936> R12: 00007f003a72f114    R13: 00007f003a72ecb4
2017-02-28 15:11:17 <01936> R14: 00007f003a72ecb4    R15: 0000000000000000
2017-02-28 15:11:17 <01936> RSI: 00007f003a72ecb0    RDI: 00007f003a72db24
2017-02-28 15:11:17 <01936> RBP: 0000000042b52790    RSP: 0000000042b52790
2017-02-28 15:11:17 <01936> RIP: 00007f0055226d9b    EFLAGS: 0000000000010202
2017-02-28 15:11:17 <01936> CS:  0033   FS: 0000   GS: 0000
2017-02-28 15:11:17 <01936> Trap: 000000000000000e     Error: 0000000000000004
2017-02-28 15:11:17 <01936> OldMask: 0000000000000000
2017-02-28 15:11:17 <01936> CR2: 00007eff3a72f074
2017-02-28 15:11:17 <01936> Backtrace:
2017-02-28 15:11:17 <01936> [0x7f0055226d9b] => ../../../lib/libfgfmevent.so (rb_next+0x00000020) liboffset 00012d9b
2017-02-28 15:11:17 <01936> [0x7f0055227de4] => ../../../lib/libfgfmevent.so  liboffset 00013de4
2017-02-28 15:11:17 <01936> [0x7f0055229058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:17 <01936> [0x7f005522b315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-02-28 15:11:17 <01936> [0x7f0055229058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:17 <01936> [0x7f005522cea0] => ../../../lib/libfgfmevent.so  liboffset 00018ea0
2017-02-28 15:11:17 <01936> [0x7f0055229058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:17 <01936> [0x7f00517a2191] => ../../../lib/libsvcclt.so (__get_obj_list_ext+0x000000b3)
2017-02-28 15:11:17 <01936> [0x7f00580fecab] => ../../../lib/libfazcore_context.so  liboffset 0000ccab
2017-02-28 15:11:17 <01936> [0x7f00580ff5bb] => ../../../lib/libfazcore_context.so  liboffset 0000d5bb
2017-02-28 15:11:17 <01936> [0x00421bdd] => /bin/oftpd  
2017-02-28 15:11:17 <01936> [0x0042210e] => /bin/oftpd  
2017-02-28 15:11:17 <01936> [0x00423c20] => /bin/oftpd  
2017-02-28 15:11:17 <01936> [0x00417561] => /bin/oftpd  
2017-02-28 15:11:17 <01936> [0x0042d229] => /bin/oftpd  
2017-02-28 15:11:17 <01936> [0x7f00523cc20a] => ../../../lib/libpthread.so.0  
2017-02-28 15:11:17
 
2017-02-28 15:11:21 <02117> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-02-28 15:11:21 <02117> application oftpd
2017-02-28 15:11:21 <02117> *** signal 11 (Segmentation fault) received ***
2017-02-28 15:11:21 <02117> Register dump:
2017-02-28 15:11:21 <02117> RAX: 00007f18f51a012d    RBX: 0000000000958284
2017-02-28 15:11:21 <02117> RCX: 00000000009a0530    RDX: 0000000000000021
2017-02-28 15:11:21 <02117> R8:  00000000009a0530    R9:  0000000000000000
2017-02-28 15:11:21 <02117> R10: 0000000000000000    R11: 0000000000000000
2017-02-28 15:11:21 <02117> R12: 0000000000958b04    R13: 0000000000940da4
2017-02-28 15:11:21 <02117> R14: 0000000000940dac    R15: 00000000006c9600
2017-02-28 15:11:21 <02117> RSI: ffffffff009582f4    RDI: ffffffff009582f4
2017-02-28 15:11:21 <02117> RBP: 0000000040e91660    RSP: 0000000040e91660
2017-02-28 15:11:21 <02117> RIP: 00007f18f51a20e3    EFLAGS: 0000000000010282
2017-02-28 15:11:21 <02117> CS:  0033   FS: 0000   GS: 0000
2017-02-28 15:11:21 <02117> Trap: 000000000000000e     Error: 0000000000000005
2017-02-28 15:11:21 <02117> OldMask: 0000000000000000
2017-02-28 15:11:21 <02117> CR2: ffffffff009582f4
2017-02-28 15:11:21 <02117> Backtrace:
2017-02-28 15:11:21 <02117> [0x7f18f51a20e3] => ../../../lib/libfgfmevent.so (obj_put+0x00000009) liboffset 000150e3
2017-02-28 15:11:21 <02117> [0x7f18f51a0d29] => ../../../lib/libfgfmevent.so  liboffset 00013d29
2017-02-28 15:11:21 <02117> [0x7f18f51a0dff] => ../../../lib/libfgfmevent.so  liboffset 00013dff
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f51a4315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f51a37f8] => ../../../lib/libfgfmevent.so  liboffset 000167f8
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f51a4315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f51a0d29] => ../../../lib/libfgfmevent.so  liboffset 00013d29
2017-02-28 15:11:21 <02117> [0x7f18f51a0dff] => ../../../lib/libfgfmevent.so  liboffset 00013dff
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f51a4315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f51a5ea0] => ../../../lib/libfgfmevent.so  liboffset 00018ea0
2017-02-28 15:11:21 <02117> [0x7f18f51a2058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-02-28 15:11:21 <02117> [0x7f18f171af9d] => ../../../lib/libsvcclt.so (__dvm_clt_get_member_master+0x00000182)
2017-02-28 15:11:21 <02117> [0x7f18f80768c6] => ../../../lib/libfazcore_context.so  liboffset 0000b8c6
2017-02-28 15:11:21 <02117> [0x00421c1a] => /bin/oftpd  
2017-02-28 15:11:21 <02117> [0x0042210e] => /bin/oftpd  
2017-02-28 15:11:21 <02117> [0x00423c20] => /bin/oftpd  
2017-02-28 15:11:21 <02117> [0x00417561] => /bin/oftpd  
2017-02-28 15:11:21 <02117> [0x0042d229] => /bin/oftpd  
2017-02-28 15:11:21 <02117> [0x7f18f234520a] => ../../../lib/libpthread.so.0  
2017-02-28 15:11:21
 
2017-02-28 15:11:56 <02163> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-02-28 15:11:56 <02163> application oftpd
2017-02-28 15:11:56 <02163> *** signal 11 (Segmentation fault) received ***
2017-02-28 15:11:56 <02163> Register dump:
2017-02-28 15:11:56 <02163> RAX: 00007f944ed7a66f    RBX: 0000000002739be0
2017-02-28 15:11:56 <02163> RCX: 0000000000000008    RDX: 0000000000000008
2017-02-28 15:11:56 <02163> R8:  00000000000001ff    R9:  000000000000087f
2017-02-28 15:11:56 <02163> R10: 00000002739c13f8    R11: 00007f944ed7aa80
2017-02-28 15:11:56 <02163> R12: 00000000027653df    R13: 000000000277b9f8
2017-02-28 15:11:56 <02163> R14: 00000000000001d1    R15: 00000000000001d1
2017-02-28 15:11:56 <02163> RSI: 000000000277b9f8    RDI: 00000002739c13f8
2017-02-28 15:11:56 <02163> RBP: 0000000000000008    RSP: 0000000041fafdd8
2017-02-28 15:11:56 <02163> RIP: 00007f944dbf7430    EFLAGS: 0000000000010287
2017-02-28 15:11:56 <02163> CS:  0033   FS: 0000   GS: 0000
2017-02-28 15:11:56 <02163> Trap: 000000000000000e     Error: 0000000000000006
2017-02-28 15:11:56 <02163> OldMask: 0000000000000000
2017-02-28 15:11:56 <02163> CR2: 00000002739c13f8
2017-02-28 15:11:56 <02163> Backtrace:
2017-02-28 15:11:56 <02163> [0x7f9452952fc4] => ../../../lib/libsegfault.so  liboffset 00001fc4
2017-02-28 15:11:56 <02163> [0x7f944dbb54df] => ../../../lib/libc.so.6  
2017-02-28 15:11:56
 
2017-04-04 12:44:58 <00611> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-04-04 12:44:58 <00611> application oftpd
2017-04-04 12:44:58 <00611> *** signal 11 (Segmentation fault) received ***
2017-04-04 12:44:58 <00611> Register dump:
2017-04-04 12:44:58 <00611> RAX: 0000000000000000    RBX: 0000000001fff5a0
2017-04-04 12:44:58 <00611> RCX: 0000000001ff9e00    RDX: 0000000001fe93b0
2017-04-04 12:44:58 <00611> R8:  0000000001eafbe8    R9:  0000000080000000
2017-04-04 12:44:58 <00611> R10: 0000000000000000    R11: 00007ff8e1a05bf0
2017-04-04 12:44:58 <00611> R12: 00007ff8cc3bd368    R13: 0000000000000001
2017-04-04 12:44:58 <00611> R14: 0000000000000001    R15: 00007ff8cc3bd890
2017-04-04 12:44:58 <00611> RSI: 0000000000002000    RDI: 00000001f7fc7000
2017-04-04 12:44:58 <00611> RBP: 00000000020102af    RSP: 0000000042588fb8
2017-04-04 12:44:58 <00611> RIP: 00007ff8e2c73215    EFLAGS: 0000000000010246
2017-04-04 12:44:58 <00611> CS:  0033   FS: 0000   GS: 0000
2017-04-04 12:44:58 <00611> Trap: 000000000000000e     Error: 0000000000000006
2017-04-04 12:44:58 <00611> OldMask: 0000000000000000
2017-04-04 12:44:58 <00611> CR2: 00000001f7fc7000
2017-04-04 12:44:58 <00611> Backtrace:
2017-04-04 12:44:58 <00611> [0x7ff8e68dffc4] => ../../../lib/libsegfault.so  liboffset 00001fc4
2017-04-04 12:44:58 <00611> [0x7ff8e1b424df] => ../../../lib/libc.so.6  
2017-04-04 12:44:58
 
2017-04-17 16:09:25 <19871> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-04-17 16:09:25 <19871> application oftpd
2017-04-17 16:09:25 <19871> *** signal 11 (Segmentation fault) received ***
2017-04-17 16:09:25 <19871> Register dump:
2017-04-17 16:09:25 <19871> RAX: ffffffff00c3cc44    RBX: 0000000000c3a464
2017-04-17 16:09:25 <19871> RCX: 0000000000000000    RDX: ffffffff00c3cc44
2017-04-17 16:09:25 <19871> R8:  0000000000c3a450    R9:  0000000000040000
2017-04-17 16:09:25 <19871> R10: 0000000000000000    R11: 0000000000000000
2017-04-17 16:09:25 <19871> R12: 0000000000c43d04    R13: 0000000000c3a454
2017-04-17 16:09:25 <19871> R14: 0000000000c3a454    R15: 0000000000000000
2017-04-17 16:09:25 <19871> RSI: 0000000000c3a450    RDI: 0000000000c44374
2017-04-17 16:09:25 <19871> RBP: 00000000412b2840    RSP: 00000000412b2840
2017-04-17 16:09:25 <19871> RIP: 00007fe4ecf21d9b    EFLAGS: 0000000000010286
2017-04-17 16:09:25 <19871> CS:  0033   FS: 0000   GS: 0000
2017-04-17 16:09:25 <19871> Trap: 000000000000000e     Error: 0000000000000005
2017-04-17 16:09:25 <19871> OldMask: 0000000000000000
2017-04-17 16:09:25 <19871> CR2: ffffffff00c3cc54
2017-04-17 16:09:25 <19871> Backtrace:
2017-04-17 16:09:25 <19871> [0x7fe4ecf21d9b] => ../../../lib/libfgfmevent.so (rb_next+0x00000020) liboffset 00012d9b
2017-04-17 16:09:25 <19871> [0x7fe4ecf22de4] => ../../../lib/libfgfmevent.so  liboffset 00013de4
2017-04-17 16:09:25 <19871> [0x7fe4ecf24058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-04-17 16:09:25 <19871> [0x7fe4ecf26315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-04-17 16:09:25 <19871> [0x7fe4ecf24058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-04-17 16:09:25 <19871> [0x7fe4ecf27ea0] => ../../../lib/libfgfmevent.so  liboffset 00018ea0
2017-04-17 16:09:25 <19871> [0x7fe4ecf24058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-04-17 16:09:25 <19871> [0x7fe4e949d191] => ../../../lib/libsvcclt.so (__get_obj_list_ext+0x000000b3)
2017-04-17 16:09:25 <19871> [0x7fe4efdf9cab] => ../../../lib/libfazcore_context.so  liboffset 0000ccab
2017-04-17 16:09:25 <19871> [0x7fe4efdfa5bb] => ../../../lib/libfazcore_context.so  liboffset 0000d5bb
2017-04-17 16:09:25 <19871> [0x004159bc] => /bin/oftpd  
2017-04-17 16:09:25 <19871> [0x0041808e] => /bin/oftpd  
2017-04-17 16:09:25 <19871> [0x00418d9d] => /bin/oftpd  
2017-04-17 16:09:25 <19871> [0x7fe4ea0c720a] => ../../../lib/libpthread.so.0  
2017-04-17 16:09:25
 
2017-05-03 09:04:44 <00610> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-03 09:04:44 <00610> application oftpd
2017-05-03 09:04:44 <00610> *** signal 11 (Segmentation fault) received ***
2017-05-03 09:04:44 <00610> Register dump:
2017-05-03 09:04:44 <00610> RAX: ffffffff00000000    RBX: 00000000021d7294
2017-05-03 09:04:44 <00610> RCX: 0000000000000000    RDX: ffffffff00000000
2017-05-03 09:04:44 <00610> R8:  00000000021d7290    R9:  0000000000000000
2017-05-03 09:04:44 <00610> R10: 0000000042b3f0a0    R11: 0000000000000000
2017-05-03 09:04:44 <00610> R12: 000000000220f3a4    R13: 00000000021d7294
2017-05-03 09:04:44 <00610> R14: 00000000021d7294    R15: 0000000000000000
2017-05-03 09:04:44 <00610> RSI: 00000000021d7290    RDI: 000000000220f3ec
2017-05-03 09:04:44 <00610> RBP: 0000000042b3ef40    RSP: 0000000042b3ef40
2017-05-03 09:04:44 <00610> RIP: 00007f93ced7bd4f    EFLAGS: 0000000000010286
2017-05-03 09:04:44 <00610> CS:  0033   FS: 0000   GS: 0000
2017-05-03 09:04:44 <00610> Trap: 000000000000000e     Error: 0000000000000005
2017-05-03 09:04:44 <00610> OldMask: 0000000000000000
2017-05-03 09:04:44 <00610> CR2: ffffffff00000010
2017-05-03 09:04:44 <00610> Backtrace:
2017-05-03 09:04:45 <00610> [0x7f93ced7bd4f] => ../../../lib/libfgfmevent.so (rb_first+0x0000000c) liboffset 00012d4f
2017-05-03 09:04:45 <00610> [0x7f93ced7cdd6] => ../../../lib/libfgfmevent.so  liboffset 00013dd6
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93ced80315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93ced7f7f8] => ../../../lib/libfgfmevent.so  liboffset 000167f8
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93ced80315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93ced7cd29] => ../../../lib/libfgfmevent.so  liboffset 00013d29
2017-05-03 09:04:45 <00610> [0x7f93ced7cdff] => ../../../lib/libfgfmevent.so  liboffset 00013dff
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93ced80315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93ced81ea0] => ../../../lib/libfgfmevent.so  liboffset 00018ea0
2017-05-03 09:04:45 <00610> [0x7f93ced7e058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:04:45 <00610> [0x7f93cb2f7191] => ../../../lib/libsvcclt.so (__get_obj_list_ext+0x000000b3)
2017-05-03 09:04:45 <00610> [0x7f93d1c53cab] => ../../../lib/libfazcore_context.so  liboffset 0000ccab
2017-05-03 09:04:45 <00610> [0x7f93d1c54aed] => ../../../lib/libfazcore_context.so  liboffset 0000daed
2017-05-03 09:04:45 <00610> [0x7f93d1a45917] => ../../../lib/libfazcore_sysbase.so (flgcu_set+0x00000114) liboffset 00023917
2017-05-03 09:04:45 <00610> [0x00415bcb] => /bin/oftpd  
2017-05-03 09:04:45 <00610> [0x0041808e] => /bin/oftpd  
2017-05-03 09:04:45 <00610> [0x00418d9d] => /bin/oftpd  
2017-05-03 09:04:45 <00610> [0x7f93cbf2120a] => ../../../lib/libpthread.so.0  
2017-05-03 09:04:45
 
2017-05-03 09:05:02 <00524> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-03 09:05:02 <00524> application oftpd
2017-05-03 09:05:02 <00524> *** signal 11 (Segmentation fault) received ***
2017-05-03 09:05:02 <00524> Register dump:
2017-05-03 09:05:02 <00524> RAX: ffffffff00000000    RBX: 00007f313f831064
2017-05-03 09:05:02 <00524> RCX: 0000000000000000    RDX: ffffffff00000000
2017-05-03 09:05:02 <00524> R8:  00007f313f831060    R9:  0000000000000400
2017-05-03 09:05:02 <00524> R10: 0000000000000000    R11: 0000000000000000
2017-05-03 09:05:02 <00524> R12: 000000000274eb44    R13: 00007f313f831064
2017-05-03 09:05:02 <00524> R14: 00007f313f831064    R15: 0000000000000000
2017-05-03 09:05:02 <00524> RSI: 00007f313f831060    RDI: 000000000274eb8c
2017-05-03 09:05:02 <00524> RBP: 0000000041000f40    RSP: 0000000041000f40
2017-05-03 09:05:02 <00524> RIP: 00007f315a313d4f    EFLAGS: 0000000000010286
2017-05-03 09:05:02 <00524> CS:  0033   FS: 0000   GS: 0000
2017-05-03 09:05:02 <00524> Trap: 000000000000000e     Error: 0000000000000005
2017-05-03 09:05:02 <00524> OldMask: 0000000000000000
2017-05-03 09:05:02 <00524> CR2: ffffffff00000010
2017-05-03 09:05:02 <00524> Backtrace:
2017-05-03 09:05:02 <00524> [0x7f315a313d4f] => ../../../lib/libfgfmevent.so (rb_first+0x0000000c) liboffset 00012d4f
2017-05-03 09:05:02 <00524> [0x7f315a314dd6] => ../../../lib/libfgfmevent.so  liboffset 00013dd6
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315a318315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315a3177f8] => ../../../lib/libfgfmevent.so  liboffset 000167f8
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315a318315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315a314d29] => ../../../lib/libfgfmevent.so  liboffset 00013d29
2017-05-03 09:05:02 <00524> [0x7f315a314dff] => ../../../lib/libfgfmevent.so  liboffset 00013dff
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315a318315] => ../../../lib/libfgfmevent.so  liboffset 00017315
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315a319ea0] => ../../../lib/libfgfmevent.so  liboffset 00018ea0
2017-05-03 09:05:02 <00524> [0x7f315a316058] => ../../../lib/libfgfmevent.so (destroy_obj+0x00000065) liboffset 00015058
2017-05-03 09:05:02 <00524> [0x7f315688f191] => ../../../lib/libsvcclt.so (__get_obj_list_ext+0x000000b3)
2017-05-03 09:05:02 <00524> [0x7f315d1ebcab] => ../../../lib/libfazcore_context.so  liboffset 0000ccab
2017-05-03 09:05:02 <00524> [0x7f315d1ecaed] => ../../../lib/libfazcore_context.so  liboffset 0000daed
2017-05-03 09:05:02 <00524> [0x7f315cfdd917] => ../../../lib/libfazcore_sysbase.so (flgcu_set+0x00000114) liboffset 00023917
2017-05-03 09:05:02 <00524> [0x00415bcb] => /bin/oftpd  
2017-05-03 09:05:02 <00524> [0x0041808e] => /bin/oftpd  
2017-05-03 09:05:02 <00524> [0x00418d9d] => /bin/oftpd  
2017-05-03 09:05:02 <00524> [0x7f31574b920a] => ../../../lib/libpthread.so.0  
2017-05-03 09:05:02
 
2017-05-03 09:07:17 <00808> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-03 09:07:17 <00808> application oftpd
2017-05-03 09:07:17 <00808> *** signal 11 (Segmentation fault) received ***
2017-05-03 09:07:17 <00808> Register dump:
2017-05-03 09:07:17 <00808> RAX: 0000000000000000    RBX: 00000000ffffffff
2017-05-03 09:07:17 <00808> RCX: 0000000000000000    RDX: 00007ff903e83064
2017-05-03 09:07:17 <00808> R8:  000000000089dc20    R9:  0000000000000335
2017-05-03 09:07:17 <00808> R10: 0000000000000000    R11: 00007ff903e7d200
2017-05-03 09:07:17 <00808> R12: 00007ff8ee841218    R13: 0000000000000001
2017-05-03 09:07:17 <00808> R14: 0000000000000001    R15: 00007ff8ee841740
2017-05-03 09:07:17 <00808> RSI: 0000000000000001    RDI: 00000000ffffffff
2017-05-03 09:07:17 <00808> RBP: 0000000041515020    RSP: 0000000041514f90
2017-05-03 09:07:17 <00808> RIP: 00007ff905166f09    EFLAGS: 0000000000010206
2017-05-03 09:07:17 <00808> CS:  0033   FS: 0000   GS: 0000
2017-05-03 09:07:17 <00808> Trap: 000000000000000e     Error: 0000000000000004
2017-05-03 09:07:17 <00808> OldMask: 0000000000000000
2017-05-03 09:07:17 <00808> CR2: 00000001000000af
2017-05-03 09:07:17 <00808> Backtrace:
2017-05-03 09:07:17 <00808> [0x7ff905166f09] => ../../../lib/libcrypto.so.1.0.0 (engine_unlocked_finish+0x00000009)
2017-05-03 09:07:17 <00808> [0x7ff904732590] => ../../../lib/libcommon_oftp.so (OFTP_destroy_SSL_context+0x000000a0)
2017-05-03 09:07:17 <00808> [0x004174c9] => /bin/oftpd  
2017-05-03 09:07:17 <00808> [0x004180dc] => /bin/oftpd  
2017-05-03 09:07:17 <00808> [0x00418d9d] => /bin/oftpd  
2017-05-03 09:07:17 <00808> [0x7ff903e7b20a] => ../../../lib/libpthread.so.0  
2017-05-03 09:07:17
 
2017-05-03 09:07:30 <01664> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-03 09:07:30 <01664> application oftpd
2017-05-03 09:07:30 <01664> *** signal 11 (Segmentation fault) received ***
2017-05-03 09:07:30 <01664> Register dump:
2017-05-03 09:07:30 <01664> RAX: 0000000000000005    RBX: 00007fc2bb1f7da8
2017-05-03 09:07:30 <01664> RCX: 0000000000000000    RDX: 0000000000000000
2017-05-03 09:07:30 <01664> R8:  0000000040a59e40    R9:  000000000000068c
2017-05-03 09:07:30 <01664> R10: 0000000000000000    R11: 00007fc2bb016290
2017-05-03 09:07:30 <01664> R12: 000000028900e008    R13: 00007fc2bb1f7da8
2017-05-03 09:07:30 <01664> R14: 000000028900e008    R15: 0000000000000000
2017-05-03 09:07:30 <01664> RSI: 00007fc2bb1f1be0    RDI: 000000028900e008
2017-05-03 09:07:30 <01664> RBP: 00007fc2bb1f1be0    RSP: 0000000040a59d80
2017-05-03 09:07:30 <01664> RIP: 00007fc2bb01b0b0    EFLAGS: 0000000000010206
2017-05-03 09:07:30 <01664> CS:  0033   FS: 0000   GS: 0000
2017-05-03 09:07:30 <01664> Trap: 000000000000000e     Error: 0000000000000004
2017-05-03 09:07:30 <01664> OldMask: 0000000000000000
2017-05-03 09:07:30 <01664> CR2: 000000028900e008
2017-05-03 09:07:30 <01664> Backtrace:
2017-05-03 09:07:30 <01664> [0x7fc2bb01b0b0] => ../../../lib/libcrypto.so.1.0.0  
2017-05-03 09:07:30 <01664> [0x00013d17]  
2017-05-03 09:07:30
 
2017-05-03 09:07:48 <01790> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-03 09:07:48 <01790> application oftpd
2017-05-03 09:07:48 <01790> *** signal 11 (Segmentation fault) received ***
2017-05-03 09:07:48 <01790> Register dump:
2017-05-03 09:07:48 <01790> RAX: 00000000ffffffff    RBX: 00000000ffffffff
2017-05-03 09:07:48 <01790> RCX: 0000000000000001    RDX: 0000000000000000
2017-05-03 09:07:48 <01790> R8:  00007f2fbd8927f0    R9:  0000000000000000
2017-05-03 09:07:48 <01790> R10: 0000000001ad1cbf    R11: 00007f2fbc6d0900
2017-05-03 09:07:48 <01790> R12: 0000000001a433f0    R13: 0000000000000000
2017-05-03 09:07:48 <01790> R14: 0000000000000001    R15: 0000000000000000
2017-05-03 09:07:48 <01790> RSI: 00000000ffffffff    RDI: 00000000ffffffff
2017-05-03 09:07:48 <01790> RBP: 0000000001a43430    RSP: 000000004201dda8
2017-05-03 09:07:48 <01790> RIP: 00007f2fbc6d3a40    EFLAGS: 0000000000010213
2017-05-03 09:07:48 <01790> CS:  0033   FS: 0000   GS: 0000
2017-05-03 09:07:48 <01790> Trap: 000000000000000e     Error: 0000000000000004
2017-05-03 09:07:48 <01790> OldMask: 0000000000000000
2017-05-03 09:07:48 <01790> CR2: 00000000ffffffff
2017-05-03 09:07:48 <01790> Backtrace:
2017-05-03 09:07:48 <01790> [0x7f2fc1430fc4] => ../../../lib/libsegfault.so  liboffset 00001fc4
2017-05-03 09:07:48 <01790> [0x7f2fbc6934df] => ../../../lib/libc.so.6  
2017-05-03 09:07:48
2017-05-03 09:08:44 <02184> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-03 09:08:44 <02184> application oftpd
2017-05-03 09:08:44 <02184> *** signal 11 (Segmentation fault) received ***
2017-05-03 09:08:44 <02184> Register dump:
2017-05-03 09:08:44 <02184> RAX: 0000000000000000    RBX: 00000000ffffffff
2017-05-03 09:08:44 <02184> RCX: 00000000014b4b80    RDX: 0000000000000000
2017-05-03 09:08:44 <02184> R8:  0000000001206950    R9:  0000000000000893
2017-05-03 09:08:44 <02184> R10: 0000000000000000    R11: 00007fa0354dfbf0
2017-05-03 09:08:44 <02184> R12: 00007fa01fea24a8    R13: 0000000000000001
2017-05-03 09:08:44 <02184> R14: 0000000000000001    R15: 00007fa01fea29d0
2017-05-03 09:08:44 <02184> RSI: 00007fa0356f0bb8    RDI: 00000000ffffffff
2017-05-03 09:08:44 <02184> RBP: 0000000040952020    RSP: 0000000040951fd0
2017-05-03 09:08:44 <02184> RIP: 00007fa03678dfe9    EFLAGS: 0000000000010206
2017-05-03 09:08:44 <02184> CS:  0033   FS: 0000   GS: 0000
2017-05-03 09:08:44 <02184> Trap: 000000000000000e     Error: 0000000000000004
2017-05-03 09:08:44 <02184> OldMask: 0000000000000000
2017-05-03 09:08:44 <02184> CR2: 00000000ffffffff
2017-05-03 09:08:44 <02184> Backtrace:
2017-05-03 09:08:44 <02184> [0x7fa03678dfe9] => ../../../lib/libcrypto.so.1.0.0 (BN_free+0x00000009)
2017-05-03 09:08:44 <02184> [0x7fa035d94590] => ../../../lib/libcommon_oftp.so (OFTP_destroy_SSL_context+0x000000a0)
2017-05-03 09:08:44 <02184> [0x004174c9] => /bin/oftpd  
2017-05-03 09:08:44 <02184> [0x004180dc] => /bin/oftpd  
2017-05-03 09:08:44 <02184> [0x00418d9d] => /bin/oftpd  
2017-05-03 09:08:44 <02184> [0x7fa0354dd20a] => ../../../lib/libpthread.so.0  
2017-05-03 09:08:44
 
2017-05-18 16:21:55 <00611> firmware FAZVM64-HV-5.4-build1019-160217 [VM]
2017-05-18 16:21:55 <00611> application oftpd
2017-05-18 16:21:55 <00611> *** signal 11 (Segmentation fault) received ***
2017-05-18 16:21:55 <00611> Register dump:
2017-05-18 16:21:55 <00611> RAX: 0000000000000000    RBX: 0000000000ef7e50
2017-05-18 16:21:55 <00611> RCX: 0000000000f0bd30    RDX: 0000000000fac690
2017-05-18 16:21:55 <00611> R8:  0000000000c7cc98    R9:  0000000080000000
2017-05-18 16:21:55 <00611> R10: 0000000000000000    R11: 00007fe688a67bf0
2017-05-18 16:21:55 <00611> R12: 00007fe673420e48    R13: 0000000000000001
2017-05-18 16:21:55 <00611> R14: 0000000000000001    R15: 00007fe673421370
2017-05-18 16:21:55 <00611> RSI: 0000000000002000    RDI: 00000000f5f60000
2017-05-18 16:21:55 <00611> RBP: 000000000105e79f    RSP: 000000004184cfb8
2017-05-18 16:21:55 <00611> RIP: 00007fe689cd5215    EFLAGS: 0000000000010246
2017-05-18 16:21:55 <00611> CS:  0033   FS: 0000   GS: 0000
2017-05-18 16:21:55 <00611> Trap: 000000000000000e     Error: 0000000000000006
2017-05-18 16:21:55 <00611> OldMask: 0000000000000000
2017-05-18 16:21:55 <00611> CR2: 00000000f5f60000
2017-05-18 16:21:55 <00611> Backtrace:
2017-05-18 16:21:55 <00611> [0x7fe68d941fc4] => ../../../lib/libsegfault.so  liboffset 00001fc4
2017-05-18 16:21:55 <00611> [0x7fe688ba44df] => ../../../lib/libc.so.6  
2017-05-18 16:21:55
 
2017-08-24 12:36:25 <00643> firmware FAZVM64-HV-5.4-build1187-170518 [VM]
2017-08-24 12:36:25 <00643> application fazsvcd
2017-08-24 12:36:25 <00643> *** signal 6 (Aborted) received ***
2017-08-24 12:36:25 <00643> Register dump:
2017-08-24 12:36:25 <00643> RAX: 0000000000000000    RBX: 0000000000000056
2017-08-24 12:36:25 <00643> RCX: 00007f8e9e721295    RDX: 0000000000000006
2017-08-24 12:36:25 <00643> R8:  0000000000000006    R9:  0000000000000000
2017-08-24 12:36:25 <00643> R10: 0000000000000008    R11: 0000000000000202
2017-08-24 12:36:25 <00643> R12: 0000000000000056    R13: 00007f8e9895cbe0
2017-08-24 12:36:25 <00643> R14: 00007f8e9895cbe0    R15: 00007f8e9815b000
2017-08-24 12:36:25 <00643> RSI: 00000000000002c6    RDI: 0000000000000283
2017-08-24 12:36:25 <00643> RBP: 00007f8e9895cdd0    RSP: 00007f8e9895ca38
2017-08-24 12:36:25 <00643> RIP: 00007f8e9e721295    EFLAGS: 0000000000000202
2017-08-24 12:36:25 <00643> CS:  0033   FS: 0000   GS: 0000
2017-08-24 12:36:25 <00643> Trap: 0000000000000000     Error: 0000000000000000
2017-08-24 12:36:25 <00643> OldMask: 0000000000000000
2017-08-24 12:36:25 <00643> CR2: 0000000000000000
2017-08-24 12:36:25 <00643> Backtrace:
2017-08-24 12:36:25 <00643> [0x7f8e9e721295] => ../../../lib/libc.so.6 (gsignal+0x00000035)
2017-08-24 12:36:25 <00643> [0x7f8e9e7629a6] => ../../../lib/libc.so.6  
2017-08-24 12:36:25 <00643> [0x3064666430323230]  
2017-08-24 12:36:25


#14
emnoc
Expert Member
  • Total Posts : 4215
  • Scores: 237
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/29 21:23:11 (permalink)
0
Okay good collections, so  a few question
 
 
serial# 1629 is  the only thing NOT  show in  the following;
 

-------------------------------------------------------
    FGHA001863xxxxx_CID:      1.53      1.85      1.47
        FGT60Dxxxxx10045:      0.84      0.97      0.79
    FGHA002019xxxxx8_CID:      1.04      7.43      4.58
        FGT60Dxxxxx19990:      0.78      1.14      0.81
        FWF90Dxxxxx06161:      0.87      1.66      1.28
        FGT80Cxxxxx7379:      1.95      2.80      2.17
        FWF90Dxxxxx00929:      1.96      2.37      1.93
        FGT60Dxxxxx73936:      0.50      2.37      1.53
        FGT60Exxxxx77654:      0.71      1.16      1.03
        FG100Dxxxxx03252:      8.46     12.70      8.62
        FGT60Cxxxxx13586:      0.79      1.07      0.81
        FGT60Exxxxx91388:      0.13      0.16      0.16
        FGT90Dxxxxx07335:      2.65      3.92      3.12
    FGHA000693xxxxx7_CID:      0.02      0.02      0.02
        FGT60Exxxxx79662:      0.02      0.02      0.02
 

 
Is that correct?
 
next, can you upgrade to v5.4.5 on the fortigate?
 
next, this seems similar to bug .id# 382381 where vdom deleted are not deleted in the FAZ.
 
If you  delete the device and re-add back to  the original admon does it work
 
Last is it possible a max limit  value for the  FAZ  ( seems  unlikely  ) but figure I would threw it out but your adom counts are way below the max value of the FAZ
 
 
 
 
 
Can you open a ticket with support

PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
#15
ATC
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2011/02/16 14:06:20
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/30 09:14:24 (permalink)
0
. Correct, the FGT in question does NOT appear in the results of diag fortilogd msgrate-device
 
. Yes, I will upgrade the FGT to 5.4.5 probably tomorrow night. We usually like to test new versions on some of our smaller FGTs first, so I will do those tonight and if no problems I'll do the 100E tomorrow night.
 
. I don't think we have reached any licensing limits; we are 20% of max logs per day, 54% of max storage, those are the only limits I am aware of.
 
. I removed the device and added it back to the original ADOM. I verified on the FGT that it was registered with the FAZ and was sending logs. However, the FAZ is still not receiving them. But an interesting notes Under Log View > Traffic, I see all the activity from 8/19/2017 which is the date that I first moved it to a different ADOM. I thought maybe the existence of these old logs was causing a problem, so I went to Log View > Log Browse--but there were no log files there. 
 
Thanks again for all the help!
#16
emnoc
Expert Member
  • Total Posts : 4215
  • Scores: 237
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Status: offline
Re: FAZ not collecting logs after moving FGT from one ADOM to another ADOM 2017/08/30 14:18:07 (permalink)
0
PLS keep us update
 
 
FWIW. I replicated what you did on a FGT80C v5.4.5 and move it to a  new  adom and had no  issues.
 
 

PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
#17
Jump to:
© 2017 APG vNext Commercial Version 5.5