Access logs and log bundles - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2024-11-28
Category
Administrator Guide
Solution
On-prem
Abstract

View logs for monitoring system health and download log bundles for troubleshooting from the Cortex XSOAR System Diagnostics page or from your VM textual UI menu.

Logs provide information about events that occur in the system. They are a valuable tool in troubleshooting issues that might arise in your Cortex XSOAR environment. If you need additional help to find the source of an issue, you can download the log bundle to send to support or engineering or to attach to a support ticket to facilitate the troubleshooting process.

Note

You need viewer SSH user permissions to view and download logs.

Once Cortex XSOAR is installed and running, you can view system status and download log bundles from the Cortex XSOAR UI. If you encounter issues during installation or if Cortex XSOAR is not running, you can access logs and log bundles from the textual UI menu.

View logs and download log bundles from the textual UI

  1. If the textual UI is not already open, either launch the web console from your VM or SSH log in from an external terminal. For more information, see Troubleshoot your installation.Troubleshoot your installation

    opp-logs.png
  2. To see the logs, in the textual UI menu, select View Logs.

    These logs are not related to any user session in Cortex XSOAR.

  3. To download a log bundle, in the textual UI menu, select Log Bundle.

View system status and download log bundles from Cortex XSOAR

  1. In Cortex XSOAR, navigate to Settings & InfoSystemSystem Diagnostics.

    The System Diagnostics page provides system status data over time in the form of graph and table widgets.

    opp-system-diagnostics.png
  2. To download a log bundle, from the System Diagnostics page click opp-download-log-bundle.png.