How to find relevant logs for Prisma SD-WAN issues
Objective
To review log files based on the incident's product area
Environment
- Prisma SD-WAN
- ION devices
- Strata Cloud Manager
Procedure
Related log files for Product/Feature Areas
Product Area |
Related log files (facility) |
|
Prisma SD-WAN VPN/SecureFabric |
VPN, daemon, elem-mgr, event, UI Alerts/Incidents |
|
HA |
HAM, elem-mgr, event, UI HA status, UI Alerts/Incidents |
|
FC |
flow-ctrl, daemon, local0, user, fib-mgr, UI Alerts/Incidents |
|
ServiceLink |
local1, tunnel-mgr, elem-mgr, probe, UI Alerts/Incidents |
|
Interface and hardware issues |
elem-mgr, daemon, emif, user, UI Alerts/Incidents |
|
controller |
Mrl_agent, mrl_access, elapi, cgnx-infra, elem-scm, micmac, local5 |
|
LQM |
wpa, |
|
Cellular |
cman |
|
Routing |
rtr-mgr, daemon, fibmgr |
|
Element sync issue |
elapi |
|
ADEM |
adem |
|
DNS service |
nsm |
|
DHCP/DHCP Relay |
daemon |
|
IPFIX serve |
ipfix |
|
DeviceID/IoT service |
Log-agent, device_cer |
|
SNMP |
daemon |
|
Multicast |
mcastsvc, daemon, rtr-mgr |
|
Apps/app-engine |
ngpcap, app-probe, daemon |
|
Switching |
mstp, emif, |
|
Wan reachability |
wpa |
|
FIPS |
cgssl |
|
Path/Security/QoS policy |
flow-ctrl |
|
Memory leak |
user, local0 |
Logs can be checked in different ways, for example:
- Filter logs within a time frame
debug logs dump [start=<datetime>] [end=<datetime>] [raw] [facility...]
debug logs dump start=2024-06-08T19:00:00 end=2024-06-09T19:00:00 elem-mgr flow-ctrl
- Dump logs live as they are generated (similar to 'tail -f file.log' in Linux)
debug logs follow flow-ctrl
- Dump all logs at once
debug logs dump