Troubleshooting
Problem
/opt/qradar/support/get_logs.sh will fail if you run in non-root and certain sudo situations.
Symptom
When you are running the get_logs.sh script: /opt/qradar/support/get_logs.sh
, the command line will fail to run without possibly displaying any messages. If you get an error message it will look like the example below:
[non_root@Qradar_725 root]# ERROR: Something happened attempting to get logs.
Cause
In environments with non-root users logging in, they can't generate a get_logs. They must sudo as root to run the /opt/qradar/support/get_logs.sh shell script.
Resolving The Problem
The resolution is to properly run sudo permissions when executing get_logs.sh
sudo su -
or
su -
when you run as sudo su or su without the dash, your environment variables are not present and output of get_logs.sh will not run properly.
Where do you find more information?
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21964067