How to collect Portnox Docker container logs for support

In this topic, you will learn how to access and collect Portnox Docker container log files using the SSH protocol and the PuTTY application on Windows so that you can attach them to your support ticket.

This topic applies to logs from the following Portnox Docker images:

Note:

These instructions assume that you are running your Docker containers on Linux and we tested them using Ubuntu 22. If you are running your Docker containers on a different operating system, you may need to modify the shell commands.

  1. Install and run the PuTTY application on your Windows computer.
  2. Use the PuTTY application to connect to the virtual or physical machine that you use to run your Docker image.
    Note: The exact steps needed to connect to the machine depend fully on your environment.
  3. Optional: Restart the Docker container using the --debug option.
    Note: Does not apply to the following Docker containers because their logs contain debugging information by default: UniFi agent, automatic update.
    1. Remove the current container:
      docker container rm container-name
    2. Run the container using the same command that you used to run it before, but add the --debug option.
  4. Collect the Docker container logs by copying them to a temporary file:
    • Local RADIUS:

      sudo docker logs portnox-radius > /tmp/docker.log
    • Local TACACS+:

      sudo docker logs portnox-tacacs > /tmp/docker.log
    • ZTNA gateway:

      sudo docker logs portnox-gateway_name > /tmp/docker.log

      where gateway_name is the name of your ZTNA gateway.

    • DHCP relay:

      sudo docker logs portnox-dhcp-relay > /tmp/docker.log
    • SIEM gateway:

      sudo docker logs portnox-siem > /tmp/docker.log
    • UniFi agent:

      sudo docker logs portnox-unifi-agent > /tmp/docker.log
    • Automatic update:

      sudo docker logs portnox-autoupdate > /tmp/docker.log
  5. Collect the internal logs by copying them to a temporary compressed file:
    Important: Skip this step for the following Docker containers: DHCP relay, SIEM integration, UniFi agent, automatic update. These containers do not save extra internal logs and do not provide shell access.
    1. Run a shell inside the Docker container:
      sudo docker exec -it portnox-container_name /bin/bash

      where container-name is:

      • radius for local RADIUS
      • tacacs for local TACACS+
      • gateway_name for ZTNA
    2. Compress the /var log/ directory into a .tgz file and exit the Docker container shell:
      tar -czvf /tmp/logs.tgz /var/log/
      exit
    3. Copy the compressed logs from the Docker image to the host operating system:
      sudo docker cp portnox-container_name:/tmp/logs.tgz ~/logs.tgz

      where container-name is:

      • radius for local RADIUS
      • tacacs for local TACACS+
      • gateway_name for ZTNA
  6. Copy the log files from the Docker host machine to your Windows machine:
    Note: You can use any SCP or SFTP client to copy the file to your Windows machine. In this example, we are showing you how to do it using PuTTY’s command-line client.
    1. On your Windows machine, open a command prompt and navigate to the directory where you installed PuTTY.

      In most cases, the PuTTY installation directory is: C:\Program Files\PuTTY.

      cd "C:\Program Files\PuTTY"
    2. Run the pscp command to copy the files to your local computer.
      Note: You will be asked to enter the password of the Docker host machine user.
      • For all Docker containers:

        pscp remote_user@remote_host:~/docker.log "C:\Users\windows_user\Downloads\docker.log"
      • Additionally, for the following Docker containers: local RADIUS, local TACACS+, ZTNA gateway:

        pscp remote_user@remote_host:~/logs.tgz "C:\Users\windows_user\Downloads\logs.tgz"

      where:

      • remote_user: The username on the Docker host machine
      • remote_host: The hostname or the IP address of the Docker host machine
      • windows_user: Your username on your Windows computer

Result: Your Downloads folder on your Windows machine contains either the docker.log or both this file and the logs.tgz file, which you can attach to your support ticket.