Log Diagnosis Help

Knightro · September 17, 2023, 5:57pm

Hello,

I've been running pi-hole for a year or so and have been getting more notifications/warnings. I generated the logs and uploaded and would like some assistance with debugging/correcting it.

Debug Token:

https://tricorder.pi-hole.net/qXQtgbFo/

Thank you.

Knightro · September 17, 2023, 6:02pm

Well, I just tried the uploaded log file and it's a blank page.
Pasting output log below.

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] pgnigspl.com is :: on lo (::1)
[✓] pgnigspl.com is :: on eth0 (fe80::81fa:a39:2ec2:e2e5)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
strong text

*** [ DIAGNOSING ]: Dashboard headers
[✗] Web interface X-Header: X-Header does not match or could not be retrieved.
HTTP/1.1 302 Found
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=bujr3i0lv1cq2c1vl894odfo2u; path=/; HttpOnly; SameSite=Strict
Location: login.php
Content-type: text/html; charset=UTF-8
X-Pi-hole: The Pi-hole Web interface is working!
X-Pi-hole: The Pi-hole Web interface is working!
X-Frame-Options: DENY
X-Frame-Options: DENY
X-XSS-Protection: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline';
Content-Security-Policy: default-src 'self' 'unsafe-inline';
X-Permitted-Cross-Domain-Policies: none
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: same-origin
Referrer-Policy: same-origin
Date: Sun, 17 Sep 2023 17:51:44 GMT
Server: lighttpd/1.4.55

*** [ DIAGNOSING ]: contents of /etc/lighttpd/conf.d
/etc/lighttpd/conf.d does not exist.

chrislph · September 17, 2023, 6:22pm

There is all kinds going on here.

Database errors, locked database
Excessive queries from 192.168.1.111 and .67
Empty Pi-hole log file and warning about FTL log
Unable to access adlists
Errors in the web server headers
Multiple IPs on the same subnet assigned to the same interface
https entries in the regex blacklist

I would start by cleaning up the networking, removing the errant entries in the regex blacklist, resetting the long-term database. Then run a pihole -r and Repair. See if that gets it back online and fixes the adlists too.

But my personal opinion is that it would be easier and quicker to just do a fresh OS image and a fresh install. Do a Settings > Teleporter backup first, but be careful about what you import into a fresh setup. For example just the blacklist and whitelists, but even then they would need cleaning up to remove the https entries.

rdwebdesign · September 17, 2023, 6:37pm

No, it's not.
You just don't have access to read it (only the developers/moderators team has access).

You can find your own log at /var/log/pihole/pihole_debug.log.

Note:
Use less -r /var/log/pihole/pihole_debug.log to read the log in colors and use arrow keys to scroll.

jfb · September 17, 2023, 8:01pm

Only the Pi-hole team has access to uploaded debug logs.