Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


Seeking CLI assistance from those who use it

LarryLarry All-Knowing Sage ✭✭✭✭

I'm having a problem with a client's TZ670.

The CSR assigned to the case has insisted I follow the procedures documented in this KB article:

I'm OK with following directions if they are explicit, and I can understand them. However, there are two statements at the end of that KB that utterly confuse me.

To export the Tracelogs and console logs, they can only be obtained via API, FTP or SCP but they can't be generated via CLI.

   1. export trace-log <WORD> { api | FTP <FTP_URL> | scp <SCP_URL> [ port <IPV4_PORT> ] }

    EXAMPLE: export trace-log &traceLogType=1 scp user@server:/home/user/tracelog.wri

   2. export console-logs { api | FTP <FTP_URL> | scp <SCP_URL> [ port <IPV4_PORT> ] }

    EXAMPLE: export console-logs scp user@server:/home/user/consolelogs.wri

Could someone/anyone who is familiar with the CLI please explain or translate what they mean - and what I'm actually supposed to do?


Category: Entry Level Firewalls

Best Answer

  • Options
    BWCBWC Cybersecurity Overlord ✭✭✭
    Answer ✓

    @Larry 10 minutes for a TSR ... that takes patience to not cancel ... usually it's done in the matter of seconds.

    I guess it's to common to have some form of SSH or FTP server hanging around that SNWL assumes it as set. Most of the SMB are having some form of NAS, which provides FTP. But there is always the exception :)

    Whenever I faced that kind of problems (reboots, hangs, etc.) I tend to do some logging via serial console, it's a bit elaborate but can be done with a Raspberry Pi or something else listening to a COM port over a long period of time.



  • Options
    BWCBWC Cybersecurity Overlord ✭✭✭

    @Larry the syntax is pretty straight forward, I would go with scp if you have a ssh server (with scp enabled) near you.

    Check Page #1021 for details, there are some examples which clear things up.


  • Options
    LarryLarry All-Knowing Sage ✭✭✭✭

    Michael, I appreciate that, but it is still a very foreign language.

    I've got a laptop with PuTTY [that I cannot, for the life of me, get to connect] and TeraTerm that does via the Console cable.

    Despite the example provided, I still have no idea what "user@server:/home/user/tracelog.wri" is supposed to translate to.

  • Options
    BWCBWC Cybersecurity Overlord ✭✭✭

    Oh you Windows people, I totally forgot about you 🤣

    For scp you need a ssh server (on a linux box or on windows if available).

    The syntax is quite simple

    user = username on that system

    @server = ip address or name of the host where the ssh server runs

    : = delimiter

    /home/user/tracelog.wri = where to store the file, e.g. in the folder /home/user with a name of tracelog.wri

    If you don't want to torture yourself with that you can store on a ftp server as well, provided by your system or NAS.


  • Options
    LarryLarry All-Knowing Sage ✭✭✭✭

    Thank you for getting your jollies in today!

    This KB article clearly assumes knowledge, features, and resources that are far in excess of what I have available in a small business Windows environment - No SSH server, no FTP server. (Never mind the lack of warning that it would take almost 10 minutes to generate the TSR file - I thought something had broken.)

Sign In or Register to comment.