Hot!FortiWeb-VM can't load login Page due to Logdisk issue

Author
hamoud.hamdan
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/06/12 18:34:58
  • Status: offline
2018/06/12 18:47:38 (permalink)
0

FortiWeb-VM can't load login Page due to Logdisk issue

Dear All,
 
Please note that I am not able to login to fortiweb web interface but I can login to SSH, and can see errors in console:
 
read only file system error log file could not open error log file /var/log/apache logs/error_log
read only file system error log file could not open error log file /var/log/apache logs/error_log
read only file system error log file could not open error log file /var/log/apache logs/error_log
 
to solve this issue i have to execute this command:     execute formatlogdisk
 
is there any way to solve this issue, it has appears to me four to five time till now.
 
Please find below log settings in FortiWeb-VM:
 
--------------------------------------------------------------------
 
config log attack-log
set packet-log parameter-rule-failed hidden-fields-failed http-protocol-constraints signature-detection custom-protection-rule anti-virus-detection illegal-xml-format ip-intelligence illegal-file-type cookie-security fsa-detection trojan-detection user-tracking-detection account-lockout-detection
end
config log traffic-log
set status enable
set packet-log enable
end
config log disk
end
config log email-policy
edit "Email"
set mailfrom fortiweb@umniah.con
set mailto1 sshahin@umniah.com
set mailto2 a.barakat@umniah.com
set smtp-server 192.168.31.151
set severity alert
set interval 2
set attach-compression enable
next
end
config log alertmail
end
config log fortianalyzer-policy
edit "Fortianalyzer"
config fortianalyzer-server-list
edit 1
set ip-address 192.168.142.5
next
end
next
end
config log trigger-policy
edit "Trigger"
set email-policy Email
set analyzer-policy Fortianalyzer
next
end
config log event-log
set cpu-high 70
set mem-high 70
set trigger-policy Trigger
set logdisk-high 70
end
config log forti-analyzer
set status enable
set severity debug
set fortianalyzer-policy Fortianalyzer
end
-----------------------------------------------------------------
  
 BR,
Hamoud Hamdan
 
#1

1 Reply Related Threads

    abelio
    Expert Member
    • Total Posts : 3605
    • Scores: 51
    • Reward points: 0
    • Joined: 2005/03/31 13:28:59
    • Location: Buenos Aires, Argentina
    • Status: offline
    Re: FortiWeb-VM can't load login Page due to Logdisk issue 2018/06/14 08:04:32 (permalink)
    0
    Hello Hamoud
     
    hamoud.hamdan
     
    is there any way to solve this issue, it has appears to me four to five time till now.
     
    ....
    config log traffic-log
    set status enable
    ...
     



    Yes,
    disabling traffic log;
    It's not a good practice to maintain traffic log permanently.
     
    From admin's  guide:
    "
    Logging performance

    If you have a FortiAnalyzer, store FortiWeb’s logs on the FortiAnalyzer to avoid resource usage associated with
    writing logs to FortiWeb’s own hard disks. For details, see "Configuring log destinations" on page 695.
    If you do not need a traffic log, disable it to reduce the use of system resources. For details, see "Enabling log
    types, packet payload retention, & resource shortage alerts" on page 693.
    Reduce repetitive log messages. Configure the alert email settings to define the interval that emails are sent if the
    same condition persists following the initial occurrence. For details, see "Configuring email settings" on page 712.
    Avoid recording log messages using low severity thresholds, such as information or notification, to the local hard
    disk for an extended period of time. Excessive logging frequency saps system resources and can cause undue wear
    on the hard disk and may cause premature failure. For details, see "Configuring log destinations" on page 695" .

    regards
    --
    Abel
    #2
    Jump to:
    © 2018 APG vNext Commercial Version 5.5