Skip to content
Click here to open the documentation of locally-managed switches, including the CLI and API guides.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=switch-management-diagnostics

Diagnostics

You can generate reports and view information about your switch's performance. You can also perform troubleshooting actions and turn on remote assistance to allow Sophos Support to debug remotely.

You can access the following diagnostic reports and troubleshooting tools in the local switch UI via Sophos Central:

The reports open in the local switch admin console in a new browser window. You must be on the same subnet as the switch you want to access from Sophos Central.

  • Resource Usage: Opens the local switch web UI at Monitor > Realtime Meters and shows a real-time graphical report of the current system CPU and memory usage.
  • Port Statistics: Opens the local switch web UI at Monitor > Statistics > Ports and shows each port's inbound and outbound packet counts and TX and RX errors.
  • MAC Address Table: Opens the local switch web UI at Monitor > Dynamic MAC Address Monitor > Static MAC Address and shows the MAC address table, which gives information about discovered devices for each port and VLAN.
  • PoE Power Usage: Opens the local switch web UI at Monitor > Dashboard > PoE Power Settings. The dashboard and PoE Port settings pages provide details per port on current, voltage, and power draw.
  • Network Diagnostics: Opens the local switch web UI at Analyze > Ping Test Analyze > Trace Route. You can use ping and traceroute to test switch connectivity and Layer 3 routing functionality.

  • Event Logging: Opens the local switch web UI at Monitor > Local Logging Monitor > Log Table. You can use the local logging page to configure which events will be logged locally on the switch. The logged details are shown in the log table.

    Note

    You may need to adjust the log level to capture certain events. You must only turn this on while troubleshooting.

  • Cable Diagnostics: Opens the local switch web UI at Analyze > Diag Tools. Select the ports connected to the cable you want to test and click Test to run a cable diagnostics test on the selected switch ports.

  • SFP Module Info: Opens the local switch web UI at Monitor > SFP Module Information and shows what capabilities and information your connected fiber modules provide to the switch.
  • Open local switch management: Opens to local switch web admin console.

  • Remote assistance: Shows whether remote access for Sophos Support is turned on or off. Select the validity period from the drop-down list and click Activate to turn on remote assistance. Click Deactivate to turn off remote assistance.

    Note

    Turning on Remote assistance also turns on Sophos error reporting.

  • Sophos error reporting: This feature is turned on by default. This sends agent logs to Sophos Central in the event of any of the following failures:

    • Firmware upgrade failure
    • Backup failure
    • Switch disconnect and reconnect
    • Any task synchronization failure

    Note

    The logs sent involve communication events between switches and Sophos Central and don't include configuration or network-related data. They're meant for analysis by Sophos Support to help investigate intermittent issues and problems that aren't easily reproduced.

  • Take a switch snapshot: Runs a series of system commands that take a snapshot of the switch. You can view the output of the commands in the task queue. We recommend you only use this when directed to by Sophos Support.

  • Restart Sophos Central agent: Restarts the Sophos Central agent processes on the switch. We recommend you only use this when directed to by Sophos Support.
  • Clear core files: Clears core files generated from process crash events that consume disk space. We recommend you only use this when directed to by Sophos Support.

Log settings

The switch records events in two locations: Flash and RAM. The information stored in the system's RAM log is lost after the switch is restarted or powered off, while the information stored in the system's Flash is kept even if the switch is restarted or powered off. When the log reaches capacity, the switch deletes the oldest entries and replaces them with newer entries.

Warning

The default log level for Flash logging is Critical. If you change the Flash log level, for example, to Debug to troubleshoot an issue on the switch, you must revert your changes when finished to avoid excessive wear on the device caused by the increase in logged events.

Select On or Off to turn custom Log settings on or off. Choose Not set to use settings configured locally on the switch.

Select a log level for RAM log level and Flash log level and click Update to save your changes. When you select a log level, the switch also logs all higher-severity messages. For example, when you select Warning as your log level, Error, Critical, Alert, and Emergency messages are also logged even if they weren't selected before.

The following table describes the Syslog severity levels.

Code Severity Description General Description
0 EMERG System is unusable. The switch is unusable. All connected devices have lost network connectivity.
1 ALERT Immediate action is needed. Immediate action is required to restore functionality. For example, the loss of a primary ISP connection.
2 CRIT Critical conditions. Indicates a failure in a secondary system that requires action. For example, the loss of a backup ISP connection.
3 ERROR Error conditions. Non-urgent failures. You must resolve these items within a given time.
4 WARNING Warning conditions. Warning messages that indicate an error will occur if you don't take action. For example, "file system 85% full". You must resolve these items within a given time.
5 NOTICE Normal but significant condition. Events that are unusual but not error conditions. No immediate action is required.
6 INFO Informational messages. Normal operational messages for reporting, measuring throughput, and so on. No action is required.
7 DEBUG Detailed events. This provides detailed messages about all activity on the switch. You must turn it on only for troubleshooting and make sure you turn it off when finished.

RAM logs

The RAM logs tab displays the most recent entries in the switch's RAM logs. The content of the RAM log is deleted when the switch powers off or restarts.

Click Download to download the RAM logs.

Flash logs

The Flash logs tab displays the most recent log entries from the switch. The content of the Flash log isn't deleted when the switch powers off or restarts.

Click Download to download the Flash logs.

More resources