IBM Support

IBM MustGather: Collecting data for Guardium Appliance

Question & Answer


Question

If there is a problem with the Guardium Collector, Aggregator or Central Manager, what basic information must be gathered before contacting IBM Software Support?

Answer

Tab navigation

The must gather commands can be run at any time by user cli as follows.

  1. Open a putty session (or similar) to the Collector, Aggregator or Central Manager of concern.
  2. Log in as user cli
  3. Depending on the type of issue you are facing, paste the relevant must gather commands into the cli prompt. More than one must gather command may be needed in order to diagnose the problem.

    support must_gather system_db_info
    support must_gather purge_issues
    support must_gather audit_issues
    support must_gather agg_issues
    support must_gather cm_issues
    support must_gather alert_issues


    The following may take a few minutes to run to completion

    support must_gather miss_dbuser_prog_issues
    support must_gather sniffer_issues


    For the following commands you will be prompted for a time in minutes for how long you want the debugger running whilst you reproduce the problem

    support must_gather backup_issues
    support must_gather scheduler_issues
    support must_gather app_issues


    Output is written to the relevant must_gather directory ( according to the specific must_gather that was run )
    The files and directories are actually located under the following directory on the Appliance
    /var/log/guard/must_gather

    The directory and filename would appear in this format

    must_gather/must_gather_type_logs/must_gather_type.date.tgz

    for example
    must_gather/system_logs/system.20131126.tgz


  4. Send the resulting output to IBM Support
    • By using fileserver you can upload the tgz files and send to Support.
    • Send via email or upload to ECUREP using - for example - the standard data upload specifying the PMR number and file to upload.

      NOTE - When looking at the log files from fileserver they will appear as if under the directory
      must_gather/
      ( ie the /var/log/guard prefix is not listed)

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.0;8.2;9.0;9.1;9.5","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21624567