FastNetMon Advanced generates pretty big amount of log entries and they can be used to debug some decisions made by FastNetMon. By default, FastNetMon uses file based logging to /var/log/fastnetmon/fastnetmon.log. Example log entry looks like:
2020-05-01 19:12:46,252 [INFO] FastNetMon started 2020-05-01 19:12:46,252 [INFO] FastNetMon version: 2.0.187 git 804...631 started 2020-05-01 19:12:46,252 [INFO] Read configuration file
For any kinds of issues or misbehavior FastNetMon uses logging levels WARN and ERROR:
2020-04-12 22:31:24,262 [WARN] We will use 192.168.1.0/30 instead of 192.168.1.1/30 because it's host address 2020-03-17 09:40:34,244 [ERROR] Please specify intreface for AF_PACKET
If you have any log analytics system it make sense to filter our such error messages and look on them precisely.
If you experience some complex issues or support team told you so then you can enable debug level logging:
sudo fcli set main logging_level debug sudo fcli commit
In this mode FastNetMon will generate really big amount of log entries, please do not enable this mode for long time and after debugging, please switch to default log level “info”:
sudo fcli set main logging_level info sudo fcli commit
For systems with centralized log collection we offer ability to send logs to remove locations via syslog’s UDP based protocol.
sudo fcli set main logging_remote_syslog_logging enable sudo fcli set main logging_remote_syslog_port 514 sudo fcli set main logging_remote_syslog_server 10.10.10.10 sudo fcli commit
As another option, you can send messages to local syslog daemon:
sudo fcli set main logging_local_syslog_logging enable sudo fcli commit
Please do not rely on text of log messages, we do not guarantee their consistency, please use API or callback scripts instead.
Since version 2.0.191 FastNetMon have got support for versioned and stable log messages which can be used for different actions and we guarantee their availability and format in new versions. They’re enabled automatically when you enable remote or local syslog logging. Examples:
v:1 mode:blackhole action:ban proto:ipv4 target:127.0.0.1 pps_in_rate:0 pps_out_rate:0 bytes_in_rate:0 bytes_out_rate:0 v:1 mode:blackhole action:unban proto:ipv4 target:127.0.0.1 pps_in_rate:0 pps_out_rate:0 bytes_in_rate:0 bytes_out_rate:0