Skip to main content

Log Files

This page provides a brief description of several ways to export data from a running Forward system.

Your Forward support team may ask you to provide a collected Snapshot or log files to diagnose an issue.

caution

The API endpoints referenced in this page are not published in the Forward API docs and are subject to change.

Snapshot Download

Scroll to the needed Snapshot from the Snapshots list, then click on the Export icon. Download Snapshot

Forward Collector Logs

Instructions to retrieve collector logs can be found here: Collector Logs

Forward Platform System Logs

The Forward support team may ask users to retrieve and share the Forward Platform System Logs from Forward UI and some additional system logs.

System Logs from Forward UI

caution

The system logs from Forward UI are available for on-prem deployments only.

Org admins can export logs from the Export log files dialog, which can be accessed from the Help & Support dialog.

Download Logs from GUI

The Export log files dialog allows users to customize the logs included in the export.

Upload Logs from GUI

Users can select one of the following Export destination options:

  • Local download: the downloaded file can be shared with the Forward support team via e-mail.
Notes

Contact the Forward support team if the file size exceeds max-attachment size of your email provider.

  • Send to Forward: the logs will be sent to an Amazon AWS S3 bucket owned by Forward via the https://uploads-forwardnetworks.s3.amazonaws.com URL.
note

The file upload is sent via the user's browser, so only the browser needs to be able to reach Amazon AWS S3, not the Forward App server.

Forward http access logs to a syslog server

The Forward Enterprise http access logs can be forwarded to any external syslog server (e.g. Splunk) via this REST API url

https://YOUR_VM_IP/api/vm/admin/syslogConfig

Following are sample cURL commands to enable, disable and read the current configuration:

Enable Forwarding

curl -X PUT -u "username:password" \
  https://YOUR_VM_IP/api/vm/admin/syslogConfig \
  -H 'Content-Type: application/json' \
  -d '{
    "host": "SYSLOG_SERVER_IP",
    "udpPort": SYSLOG_SERVER_PORT_NUMBER
}'

Disable forwarding

curl -X DELETE -u "username:password" \
  https://YOUR_VM_IP/api/vm/admin/syslogConfig

Read the current configuration

curl -X GET -u "username:password" \
  https://YOUR_VM_IP/api/vm/admin/syslogConfig