Logging and reporting

I cant seem to get reporting working again after reinstall. I followed the community.sophos.com/.../123209 guide and everything except "Log Type - Local" checks out as it gets automatically unchecked after save. I dont event see Reports > Compliance > Events > System Events

  • looking at the garner.log I spotted the following - do I need to do a reinstall?

     

    Feb 19 11:37:58: OPPOSTGRES: process_pgsql_query: query 'CREATE TABLE available_fwapplicationv7_1550569078 (time bigint,application varchar(384),username varchar(384),destipv6 inet,hostipv6 inet,ruleid bigint,hits bigint DEFAULT 1,upload bigint DEFAULT 1,download bigint DEFAULT 1,bytes bigint DEFAULT 1,hostcountry varchar(4),destcountry varchar(4),risk smallint,technology varchar(32),category varchar(64),eduusergroup character varying(384) default '', srczonename character varying(360) default '', srczonetype character varying(60) default '', destzonename character varying(360) default '', destzonetype character varying(60) default '', appresolver integer,app_id bigint,classification bigint, is_cloud_application bigint, app_parent bigint,in_interface character varying(16) default '',parent_cat_id bigint default 0) ;' execution failed: ERROR: could not read block 279 in file "base/16386/11879": read only 0 of 8192 bytes

    Feb 19 11:37:58: OPPOSTGRES: get_next_available_table: new table couldn't created
    Feb 19 11:37:58: OPPOSTGRES: do_datainsert: couldn't select table 'fwapplicationv7'
    Feb 19 11:37:58: OPPOSTGRES: oppostgres_output: log event couldn't inserted

  • In reply to Ashruf Rodrigues:

    OK, I ran a Flush Device Reports and rebooted - I now get some reports but the garner.log has these FORCED CONNECTION RESET messages.

    What do they mean and how can I fix it?

     

    Feb 19 12:40:01: OPPOSTGRES: FORCED CONNECTION RESET for TABLE: 'denied_web_content_categorization_datav8' FD: 21
    Feb 19 12:40:01: OPPOSTGRES: release_postgres_client: Database disconnected FD: 21
    Feb 19 12:40:01: OPPOSTGRES: move_table_to_usedqueue: moving table 'available_fwapplicationv7_1550571604' FD: 17
    Feb 19 12:40:01: OPPOSTGRES: move_table_to_usedqueue: table 'available_fwapplicationv7_1550571604' is moved to 'tbl_used_fwapplicationv7' queue
    Feb 19 12:40:01: OPPOSTGRES: FORCED CONNECTION RESET for TABLE: 'fwapplicationv7' FD: 17
    Feb 19 12:40:01: OPPOSTGRES: release_postgres_client: Database disconnected FD: 17

  • In reply to Ashruf Rodrigues:

    Hello Ashruf,

    It does seem the connection between the database is broken .Could you conduct the folowing steps and try again?

    • Take a backup from the XG firewall and store it on the local machine or FTP server.
    • Connect the console cable to the serial connection on XG firewall, if you are using the VM then the console will be shown.
    • When you connect the console of XG firewall using putty or hyper terminal then you would receive the prompt of for password.
    • instead of password enter "RESET" and choose option 3.
    • Once the system is reset to default then you may restore the backup and check if that would resolve the issue.

    Related KBA.

    Setup Serial Console Connection using PuTTy

    How to backup and restore a configuration

  • In reply to Aditya Patel:

     

    I have run through your suggestion but still get the FORCED CONNECTION RESET messages in the garner.log

    Feb 19 18:20:01: OPPOSTGRES: move_table_to_usedqueue: table 'available_event_dat
    av6_1550585701' is moved to 'tbl_used_event_datav6' queue                       
    Feb 19 18:20:01: OPPOSTGRES: FORCED CONNECTION RESET for TABLE: 'event_datav6' F
    D: 15                                                                           
    Feb 19 18:20:01: OPPOSTGRES: release_postgres_client: Database disconnected FD: 
    15                                                                              
    ERROR     Feb 19 18:22:11 [4146661696]: handle_accept: write() failed during han
    dshake: Broken pipe                                                             
    MESSAGE   Feb 19 18:22:26 [4146661696]: height_of_tree : 13                     
    MESSAGE   Feb 19 18:22:26 [4146661696]: no_of_nodes:  7176                      
    MESSAGE   Feb 19 18:22:26 [4146661696]: size of tree 143520