Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 2962 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LogginDaemo Dead or Stopped

Adriano Custodio

Hello.

This monday (2 days ago) i noticed that i had no logs on firewall and it was saying "loggindaemon dead".

So i restarted my firewall, surprisely, it did not failover and i had to hard reboot both of my firewalls here.

So today, again, loggindaemon is dead, so i tried to restart the service with the command service garner:restart -ds nosync

It said "running" but for only a few seconds and it turned to "stopped".

So, anything i can do?

Firmware SFOS 18.0.4 MR-4

XG330



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Request to share the output of below commands here or via PM.

    ==> Login to SSH > 5.  Device Management > 3.  Advanced Shell

    18.0.4 MR-4# service -S | grep garner
    18.0.4 MR-4# service -S | grep DEAD
    18.0.4 MR-4# service -S | grep STOPPED

    18.0.4 MR-4# df -kh

    18.0.4 MR-4# ls -lahr /var/cores

    18.0.4 MR-4# tail -n 50 /log/garner.log

    ==> Restart the garner service and check garner.log again ==> # service garner:restart -ds nosync

    18.0.4 MR-4# tail -n 50 /log/garner.log

    18.0.4 MR-4# tail -n 50 /log/postgres.log

Reply
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Request to share the output of below commands here or via PM.

    ==> Login to SSH > 5.  Device Management > 3.  Advanced Shell

    18.0.4 MR-4# service -S | grep garner
    18.0.4 MR-4# service -S | grep DEAD
    18.0.4 MR-4# service -S | grep STOPPED

    18.0.4 MR-4# df -kh

    18.0.4 MR-4# ls -lahr /var/cores

    18.0.4 MR-4# tail -n 50 /log/garner.log

    ==> Restart the garner service and check garner.log again ==> # service garner:restart -ds nosync

    18.0.4 MR-4# tail -n 50 /log/garner.log

    18.0.4 MR-4# tail -n 50 /log/postgres.log

Children
  • 0 in reply to FormerMember

    Hello, here are the outputs of the commands requested.

    XG330_WP01_SFOS 18.0.4 MR-4# service -S | grep garner
    garner               DEAD
    XG330_WP01_SFOS 18.0.4 MR-4# service -S | grep DEAD
    garner               DEAD
    XG330_WP01_SFOS 18.0.4 MR-4# service -S | grep STOPPED

    XG330_WP01_SFOS 18.0.4 MR-4# df -kh
    Filesystem                Size      Used Available Use% Mounted on
    none                    234.6M      2.8M    215.5M   1% /
    none                      5.8G     24.0K      5.8G   0% /dev
    none                      5.8G     52.3M      5.8G   1% /tmp
    none                      5.8G     14.8M      5.8G   0% /dev/shm
    /dev/boot               127.7M     38.0M     87.0M  30% /boot
    /dev/mapper/mountconf
                            385.4M     82.3M    299.0M  22% /conf
    /dev/content             15.5G    693.8M     14.9G   4% /content
    /dev/var                131.6G     96.9G     34.7G  74% /var

    XG330_WP01_SFOS 18.0.4 MR-4# ls -lahr /var/cores
    drwxr-xr-x    2 nobody   nobody      4.0K Jul  9  2017 waf
    -rw-------    1 root     0         656.0K Oct 23 18:47 core.smtpd
    -rw-------    1 root     0          19.4M Aug 17  2017 core.sandbox_reportd
    -rw-------    1 root     0          69.7M Mar 22 15:30 core.garner
    -rw-------    1 root     0          72.8M Jan 13  2020 core.awarrenhttp
    -rw-------    1 root     0         572.9M Jan 13  2020 core.EpollWorker_01
    -rw-------    1 root     0         768.8M Jan 19  2018 core.EpollWorker_00
    drwxr-xr-x   46 root     0           4.0K Mar 25 06:19 ..
    drwxrwxrwt    3 root     0           4.0K Mar 22 23:58 .

    XG330_WP01_SFOS 18.0.4 MR-4# tail -n 50 /log/garner.log
    (if_name => disp_if_name)'Port8' => 'Port8'
    (if_name => disp_if_name)'Port8' => 'Port8'
    MESSAGE   Mar 24 17:31:47 [4152932672]: parse_nw_inf_data: args: 'Port9###Port9
    '
    (if_name => disp_if_name)'Port9' => 'Port9'
    (if_name => disp_if_name)'Port9' => 'Port9'
    MESSAGE   Mar 24 17:31:47 [4152932672]: height_of_tree : 5
    XG330_WP01_SFOS 18.0.4 MR-4# tail -n 50 /log/garner.log
    (if_name => disp_if_name)'Port8' => 'Port8'
    (if_name => disp_if_name)'Port8' => 'Port8'
    MESSAGE   Mar 24 17:31:47 [4152932672]: parse_nw_inf_data: args: 'Port9###Port9
    '
    (if_name => disp_if_name)'Port9' => 'Port9'
    (if_name => disp_if_name)'Port9' => 'Port9'
    MESSAGE   Mar 24 17:31:47 [4152932672]: height_of_tree : 5
    MESSAGE   Mar 24 17:31:47 [4152932672]: no_of_nodes:  18
    MESSAGE   Mar 24 17:31:47 [4152932672]: size of tree 360
    MESSAGE   Mar 24 17:31:47 [4152932672]: setting ssl threads locks...
    MESSAGE   Mar 24 17:31:47 [4152932672]: ssl thread setup done
    MESSAGE   Mar 24 17:31:47 [4152932672]: Daemon initialization complete
    svc:init_uid_continue_mode:Error:cannot get the data page /uval20
    SFEVENTSFTS: Mar 24 17:31:47:sfeventsfts_set_permitted_diskspace: permitted_diskspace 18697261056
    SFEVENTSFTS: Mar 24 17:31:47:sfeventsfts_set_permitted_diskspace: used diskspace 16470155284
    [ghb] ghb_init successful
    MESSAGE   Mar 24 17:31:47 [4152932672]: [SCM::scm_init]  /cfs/system/logging/cm.conf
    [ghb] Connection to heartbeatd established
    ERROR     Mar 24 17:31:47 [4152932672]: [SCM::scm_init_config_data] Invalid config object
    ERROR     Mar 24 17:31:47 [4152932672]: [SCM::scm_init] scm_init_config_data failed
    ERROR     Mar 24 17:31:47 [4152932672]: /lib/garner/outputplugin/libscm.so: init failed
    ERROR     Mar 24 17:31:47 [4152932672]: parent_main: output plugin initialization failed
    NOTIFICATIONS: Mar 24 17:31:47:notifications_output: plugin handle invalid
    ERROR     [CRFORMATTER] Mar 24 17:31:47 [4152932672]: crformatter_output: plugin handle invalid
    SFEVENTSFTS: Mar 24 17:31:47:sfeventsfts_output: output_data_list is NULL
    ERROR     [CRFORMATTER] Mar 24 17:31:47 [4152932672]: crformatter_output: plugin handle invalid
    Plugin not Initialized or Invalid handle NULL
    sethreshold_output: plugin handle invalid
    ERROR     Mar 24 17:31:47 [4152932672]: resolver_output: plugin handle invalid
    ERROR     Mar 24 17:31:47 [4152932672]: resolver_output: plugin handle invalid
    ERROR     Mar 24 17:31:47 [4152932672]: resolver_output: plugin handle invalid
    ERROR     Mar 24 17:31:47 [4152932672]: resolver_output: plugin handle invalid
    Mar 24 17:31:47: OPPOSTGRES: oppostgres_output: plugin handle invalid
    ERROR     Mar 24 17:31:47 [4152932672]: garner_main::calling garner_shutdown
    MESSAGE   Mar 24 17:31:47 [4152932672]: garner: Closing servers

    Freeing node[Port5]
    Freeing node[Port8]
    Freeing node[GuestAP]
    Freeing node[Port4]
    Freeing node[Port6]
    Freeing node[Port2]
    Freeing node[Port7]
    Freeing node[Port3]
    Freeing node[Port10]
    Freeing node[Port1]
    Freeing node[Port9][ghb] Connection to heartbeatd closed
    MESSAGE   Mar 24 17:31:47 [4152932672]: cleaning up ssl locks...
    MESSAGE   Mar 24 17:31:47 [4152932672]: ssl thread cleanup done
    MESSAGE   Mar 24 17:31:47 [4152932672]: garner: Shutdown normally

    G330_WP01_SFOS 18.0.4 MR-4# tail -n 50 /log/garner.log
    (if_name => disp_if_name)'Port8' => 'Port8'
    (if_name => disp_if_name)'Port8' => 'Port8'
    MESSAGE   Mar 25 08:13:36 [4152015168]: parse_nw_inf_data: args: 'Port9###Port9
    '
    (if_name => disp_if_name)'Port9' => 'Port9'
    (if_name => disp_if_name)'Port9' => 'Port9'
    MESSAGE   Mar 25 08:13:36 [4152015168]: height_of_tree : 5
    MESSAGE   Mar 25 08:13:36 [4152015168]: no_of_nodes:  18
    MESSAGE   Mar 25 08:13:36 [4152015168]: size of tree 360
    MESSAGE   Mar 25 08:13:36 [4152015168]: setting ssl threads locks...
    MESSAGE   Mar 25 08:13:36 [4152015168]: ssl thread setup done
    MESSAGE   Mar 25 08:13:36 [4152015168]: Daemon initialization complete
    svc:init_uid_continue_mode:Error:cannot get the data page /uval20
    SFEVENTSFTS: Mar 25 08:13:36:sfeventsfts_set_permitted_diskspace: permitted_diskspace 18637373440
    SFEVENTSFTS: Mar 25 08:13:36:sfeventsfts_set_permitted_diskspace: used diskspace 16470155284
    [ghb] ghb_init successful
    MESSAGE   Mar 25 08:13:36 [4152015168]: [SCM::scm_init]  /cfs/system/logging/cm.conf
    [ghb] Connection to heartbeatd established
    ERROR     Mar 25 08:13:37 [4152015168]: [SCM::scm_init_config_data] Invalid config object
    ERROR     Mar 25 08:13:37 [4152015168]: [SCM::scm_init] scm_init_config_data failed
    ERROR     Mar 25 08:13:37 [4152015168]: /lib/garner/outputplugin/libscm.so: init failed
    ERROR     Mar 25 08:13:37 [4152015168]: parent_main: output plugin initialization failed
    NOTIFICATIONS: Mar 25 08:13:37:notifications_output: plugin handle invalid
    ERROR     [CRFORMATTER] Mar 25 08:13:37 [4152015168]: crformatter_output: plugin handle invalid
    SFEVENTSFTS: Mar 25 08:13:37:sfeventsfts_output: output_data_list is NULL
    ERROR     [CRFORMATTER] Mar 25 08:13:37 [4152015168]: crformatter_output: plugin handle invalid
    Plugin not Initialized or Invalid handle NULL
    sethreshold_output: plugin handle invalid
    ERROR     Mar 25 08:13:37 [4152015168]: resolver_output: plugin handle invalid
    ERROR     Mar 25 08:13:37 [4152015168]: resolver_output: plugin handle invalid
    ERROR     Mar 25 08:13:37 [4152015168]: resolver_output: plugin handle invalid
    ERROR     Mar 25 08:13:37 [4152015168]: resolver_output: plugin handle invalid
    Mar 25 08:13:37: OPPOSTGRES: oppostgres_output: plugin handle invalid
    ERROR     Mar 25 08:13:37 [4152015168]: garner_main::calling garner_shutdown
    MESSAGE   Mar 25 08:13:37 [4152015168]: garner: Closing servers

    Freeing node[Port5]
    Freeing node[Port8]
    Freeing node[GuestAP]
    Freeing node[Port4]
    Freeing node[Port6]
    Freeing node[Port2]
    Freeing node[Port7]
    Freeing node[Port3]
    Freeing node[Port10]
    Freeing node[Port1]
    Freeing node[Port9][ghb] Connection to heartbeatd closed
    MESSAGE   Mar 25 08:13:37 [4152015168]: cleaning up ssl locks...
    MESSAGE   Mar 25 08:13:37 [4152015168]: ssl thread cleanup done
    MESSAGE   Mar 25 08:13:37 [4152015168]: garner: Shutdown normally

    XG330_WP01_SFOS 18.0.4 MR-4# tail -n 50 /log/postgres.log
    12505 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    10692 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    10709 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    8242 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    5978 2021-03-22 12:56:46.489 GMTFATAL:  terminating connection due to administrator command
    6106 2021-03-22 12:56:46.489 GMTFATAL:  terminating connection due to administrator command
    9634 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    12027 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    6163 2021-03-22 12:56:46.489 GMTFATAL:  terminating connection due to administrator command
    5696 2021-03-22 12:56:46.476 GMTFATAL:  terminating connection due to administrator command
    6759 2021-03-22 12:56:46.490 GMTFATAL:  terminating connection due to administrator command
    7154 2021-03-22 12:56:46.490 GMTFATAL:  terminating connection due to administrator command
    10688 2021-03-22 12:56:46.477 GMTFATAL:  terminating connection due to administrator command
    8723 2021-03-22 12:56:46.490 GMTFATAL:  terminating connection due to administrator command
    9596 2021-03-22 12:56:46.491 GMTFATAL:  terminating connection due to administrator command
    10820 2021-03-22 12:56:46.477 GMTFATAL:  terminating connection due to administrator command
    10960 2021-03-22 12:56:46.477 GMTFATAL:  terminating connection due to administrator command
    14523 2021-03-22 12:56:46.477 GMTFATAL:  terminating connection due to administrator command
    16848 2021-03-22 12:56:46.477 GMTFATAL:  terminating connection due to administrator command
    9679 2021-03-22 12:56:46.492 GMTFATAL:  terminating connection due to administrator command
    9683 2021-03-22 12:56:46.492 GMTFATAL:  terminating connection due to administrator command
    11609 2021-03-22 12:56:46.492 GMTFATAL:  terminating connection due to administrator command
    12032 2021-03-22 12:56:46.493 GMTFATAL:  terminating connection due to administrator command
    12034 2021-03-22 12:56:46.493 GMTFATAL:  terminating connection due to administrator command
    12036 2021-03-22 12:56:46.493 GMTFATAL:  terminating connection due to administrator command
    17059 2021-03-22 12:56:46.477 GMTFATAL:  terminating connection due to administrator command
    12037 2021-03-22 12:56:46.494 GMTFATAL:  terminating connection due to administrator command
    17059 2021-03-22 12:56:46.494 GMTLOG:  could not send data to client: Broken pipe
    12038 2021-03-22 12:56:46.494 GMTFATAL:  terminating connection due to administrator command
    12039 2021-03-22 12:56:46.494 GMTFATAL:  terminating connection due to administrator command
    10472 2021-03-22 12:56:46.495 GMTFATAL:  terminating connection due to administrator command
    10514 2021-03-22 12:56:46.496 GMTFATAL:  terminating connection due to administrator command
    10957 2021-03-22 12:56:46.496 GMTFATAL:  terminating connection due to administrator command
    10972 2021-03-22 12:56:46.496 GMTFATAL:  terminating connection due to administrator command
    14522 2021-03-22 12:56:46.497 GMTFATAL:  terminating connection due to administrator command
    23483 2021-03-22 12:56:46.478 GMTFATAL:  terminating connection due to administrator command
    17040 2021-03-22 12:56:46.497 GMTFATAL:  terminating connection due to administrator command
    19503 2021-03-22 12:56:46.478 GMTFATAL:  terminating connection due to administrator command
    14958 2021-03-22 12:56:46.478 GMTFATAL:  terminating connection due to administrator command
    3174 2021-03-22 12:56:46.478 GMTFATAL:  terminating connection due to administrator command
    3247 2021-03-22 12:56:46.478 GMTFATAL:  terminating connection due to administrator command
    3266 2021-03-22 12:56:46.478 GMTFATAL:  terminating connection due to administrator command
    19507 2021-03-22 12:56:46.505 GMTFATAL:  terminating connection due to administrator command
    19508 2021-03-22 12:56:46.506 GMTFATAL:  terminating connection due to administrator command
    3176 2021-03-22 12:56:46.510 GMTFATAL:  terminating connection due to administrator command
    5725 2021-03-22 12:56:46.515 GMTLOG:  shutting down
    5725 2021-03-22 12:56:46.593 GMTLOG:  database system is shut down
    1673 2021-03-22 13:13:50.779 GMTLOG:  database system was shut down at 2021-03-22 12:56:46 GMT
    1672 2021-03-22 13:13:50.789 GMTLOG:  database system is ready to accept connections
    1677 2021-03-22 13:13:50.789 GMTLOG:  autovacuum launcher started

  • FormerMember
    0 FormerMember in reply to Adriano Custodio

    Thank you for sharing the log events.

    As suggested by LuCar Toni please log a support case to get it investigated further. Also please share the case ID via PM, so that I can add a note and keep a track of the same.