Skip to content
Click here to open the documentation of locally-managed switches, including the CLI and API guides.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=switch-management-diagnostics

Diagnostics

You can access information in the local switch UI and support tools on the Diagnostics tab, configure log settings on the Log settings tab, and see and download the RAM and Flash logs from the switch on the RAM logs and Flash logs tabs.

Diagnostics

You can use the Diagnostics tab to perform diagnostic tasks and access diagnostic reports, troubleshooting tools, and system logs in the local switch UI.

The reports open in the local switch admin console in a new browser window. You must be on the same subnet as the switch you want to access from Sophos Central.

  • Resource Usage: Opens the local switch web UI at Monitor > Realtime Meters and shows a real-time graphical report of the current system CPU and memory usage.
  • Port Statistics: Opens the local switch web UI at Monitor > Statistics > Ports and shows each port's inbound and outbound packet counts and TX and RX errors.
  • MAC Address Table: Opens the local switch web UI at Monitor > Dynamic MAC Address Monitor > Static MAC Address and shows the MAC address table, which gives information about discovered devices for each port and VLAN.
  • PoE Power Usage: Opens the local switch web UI at Monitor > Dashboard > PoE Power Settings. The dashboard and PoE Port settings pages provide details per port on current, voltage, and power draw.
  • Network Diagnostics: Opens the local switch web UI at Analyze > Ping Test Analyze > Trace Route. You can use the ping and traceroute commands to test switch connectivity and Layer 3 routing functionality.

  • Event Logging: Opens the local switch web UI at Monitor > Local Logging Monitor > Log Table. You can use the local logging page to configure which events will be logged locally on the switch. The logged details are shown in the log table.

    Note

    You may need to adjust the log level to capture certain events. You must only turn this on while troubleshooting.

  • Cable Diagnostics: Opens the local switch web UI at Analyze > Diag Tools. Select the ports connected to the cable you want to test and click Test to run a cable diagnostics test on the selected switch ports.

  • SFP Module Info: Opens the local switch web UI at Monitor > SFP Module Information and shows the capabilities and information provided by your connected fiber modules to the switch.
  • Open local switch management: Opens the local switch web UI.

  • Remote assistance: Shows whether remote access for Sophos Support is turned on or off. Select the validity period from the drop-down list and click Activate to turn on remote assistance. Click Deactivate to turn off remote assistance.

    Note

    Turning on Remote assistance also turns on Sophos error reporting.

  • Sophos error reporting: This feature is turned on by default and sends agent logs to Sophos Central in the event of any of the following failures:

    • Firmware upgrade failure
    • Backup failure
    • Switch disconnect and reconnect
    • Any task synchronization failure

    Note

    The logs sent involve communication events between switches and Sophos Central and don't include configuration or network-related data. They're meant for analysis by Sophos Support to help investigate intermittent issues and problems that aren't easily reproduced.

  • Take a switch snapshot: Runs a series of system commands that take a snapshot of the switch. You can view the output of the commands in the task queue. We recommend using this only when directed to do so by Sophos Support.

  • Restart Sophos Central agent: Restarts the Sophos Central agent processes on the switch. We recommend using this only when directed to do so by Sophos Support.
  • Clear core files: Clears core files generated when processes stop responding to free up disk space. We recommend using this only when directed to do so by Sophos Support.

Log settings

The switch records events in two locations: Flash and RAM. The information stored in the system's RAM log is lost after the switch is restarted or powered off, while the information stored in the system's Flash remains even if the switch is restarted or powered off. When the log reaches capacity, the switch deletes the oldest entries and replaces them with newer entries.

Warning

The default log level for Flash logging is Critical. If you change the Flash log level, for example, to Debug to troubleshoot an issue on the switch, you must revert your changes when finished to avoid excessive wear on the device caused by the increased logging of events.

Select On or Off to turn custom Log settings on or off. Choose Not set to use settings configured locally on the switch.

Select a log level for RAM log level and Flash log level, and click Update to save your changes. When you select a log level, the switch also logs all higher-severity messages. For example, when you select Warning as your log level, Error, Critical, Alert, and Emergency messages are also logged even if they weren't selected before.

The following table describes the Syslog severity levels.

Code Severity Description General Description
0 Emergency System is unusable. The switch is unusable. All connected devices have lost network connectivity.
1 Alert Immediate action is needed. Immediate action is required to restore functionality. For example, the loss of a primary ISP connection.
2 Critical Critical conditions. Indicates a failure in a secondary system that requires action. For example, the loss of a backup ISP connection.
3 Error Error conditions. Non-urgent failures. We recommend resolving these items quickly.
4 Warning Warning conditions. Warning messages that indicate an error will occur if you don't take action. For example, "file system 85% full". You must resolve these items within a given time.
5 Notice Normal but significant condition. Events that are unusual but not error conditions. No immediate action is required.
6 Info Informational messages. Normal operational messages for reporting, measuring throughput, and so on. No action is required.
7 Debug Detailed events. This severity level provides detailed messages about all activity on the switch. You must turn it on only for troubleshooting and make sure you turn it off when finished.

RAM logs

The RAM logs tab shows the most recent entries in the switch's RAM logs. The content of the RAM log is deleted when the switch is powered off or restarted.

Click Download to download the RAM logs.

Flash logs

The Flash logs tab shows the most recent log entries from the switch. The content of the Flash log isn't deleted when the switch powers off or restarts.

Click Download to download the Flash logs.