search cancel

Web Isolation: Troubleshooting Management Audit Logs

book

Article ID: 175563

calendar_today

Updated On:

Products

Web Isolation

Issue/Introduction

Management GUI does not show logs in the Management Audit Logs

Resolution

1. Check if the management audit logs are the latest:

tail -f /var/log/fireglass_management_audit.log

 

2. Check if there are any issues with the management log on logstash:

curl http://169.254.0.1:9200/_cluster/health?pretty

curl http://169.254.0.1:9200/_cat/indices | sort | grep management-audit

curl http://169.254.0.1:9200/_cat/shards | grep management

 

Basically the status should be showing GREEN or STARTED

From the above we can delete the old log file and restart the logstash docker.

 

3. To delete a particular log, for example 'management-audit-2018.09'

curl -XDELETE http://169.254.0.1:9200/management-audit-2018.09

 

4. To Restart Docker

docker ps | grep logstash

docker restart [logstash container id]