Advanced Logging Information
It's easy to obtain detailed UniFi logs from your devices. Most of these logs are already available in the standard support file detailed here.
The methods that follow are only relevant for advanced network administrators performing their own advanced troubleshooting, or if requested by a UI Support Engineer.
Device Logs
To obtain the logs below, you must establish a Secure Shell (SSH) connection with the device of interest. See Connect With SSH to learn more.
General Logs
Each UniFi device stores additional logs in the following directory:
/var/log/messages
To view all logs, use the cat command:
cat /var/log/messages
To view the live output, use the tail command instead:
tail -f /var/log/messages
Gateway Logs
RADIUS Logging
/var/log/freeradius/radius.log
DNSmasq Logging
/var/log/dnsmasq.log
Threat Management Engine Logging (IPS/IDS)
/var/log/suricata/suricata.log
Switch Logs
UI Support may require additional switch logs be sent for review. After connecting to the switch using SSH, they can be generated by issuing the following commands:
telnet localhost
enable
show tech-support
Once generated, copy and paste the logs into a *.txt file.
Legacy Security Gateways (USG)
After connecting over SSH, general logs can be viewed using:
show log
Additional VPN logs can be viewed using:
show vpn log
To see which route is assigned to a virtual tunnel interface (VTI), use the show command:
show ip route | grep vti
UI support may occasionally request the following output to be copied into a *.txt file and shared:
show tech-support | no-more
Other UniFi Network Logs
Some logs are stored locally in your UniFi Network application and do not require using SSH. These are obtained differently depending on where UniFi is running:
- Dedicated UniFi Cloud Gateways (Dream Machines, CloudKeys, etc.): Logs are contained in the *.tgz file. Click here to learn more.
-
Self-Hosted UniFi Network Servers: Logs are saved locally on the PC/server running UniFi Network. Right-click on UniFi and select Show Package Contents, or navigate to the appropriate directory. Common directories are listed below:
- Windows: C:\Users\<username>\Ubiquiti UniFi\logs\
- macOS: /Users/<username>/Library/Application\ Support/UniFi/logs/
- UniFi CloudKey and Debian/Ubuntu Linux*: /usr/lib/unifi/logs/
Traffic Capture
A UI Support Engineer may request you to capture traffic passing through a specific interface on a device. This is often done using TCPDUMP. After connecting to a device using SSH, issue the following command depending on the device in use:
Access Points
tcpdump -i <interface>
Gateways
tcpdump -npi <interface>
Note: Replace '<interface>' with the specific interface of interest.
Once sufficient traffic is generated, these logs can be shared with support by copying them into a *.txt file.