Phantom menace Fibaro switch randomly

Hi all,
I suddenly have this issue with at least one of my z-wave dimmers. For the second time in one week the dimmer switched to 100% in the middle of the night turning the light in my bedroom on full wack :flushed:
It did not amuse my wife ( and me too as you would understand).
I try to read the log in the morning but it doesn’t show the lines anymore of a few hours back. Is there anyway I could get the log of a specific time?

I did some searching of randomly switching fibaro modules and found an article called Phantom Menace on the fibaro forum. I can not make much of it besides it seems to have something to do with association that are made .

Is someone familiar with this problem?
What would be a good alternative for my z-wave fibaro nodes as it is always something with these things. I would be happy to migrate to zigbee or some other protocol. At least not as buggy as fibaro.

Reading such stuff first thing that comes into my mind is always: have you opened any port on your router to make OH available via public internet not using the service ?
In case OH is available on the internet there are people that find your installation and they may play such a game to make you aware of that it is not a good idea to open any service in an unprotected way.

Normally log files are rotated and you should have there a list of files. E.g.:

-rw-r--r-- 1 openhab openhab 2724289 Mar 12 09:56 events.log
-rw-r--r-- 1 openhab openhab 2227660 Mar 12 09:00 openhab.log
-rw-r--r-- 1 openhab openhab 1789193 Mar  9 21:01 events.log.7.gz
-rw-r--r-- 1 openhab openhab 1801535 Feb 23 15:06 events.log.6.gz
-rw-r--r-- 1 openhab openhab 1795417 Feb  8 10:03 events.log.5.gz
-rw-r--r-- 1 openhab openhab  286639 Jan 23 23:11 events.log.4.gz
-rw-r--r-- 1 openhab openhab   38314 Jan 23 23:11 openhab.log.7.gz

You need to login to your OH host and manually look into the files. frontail only shows a subset of the complete history.

Thanks Wolfgang, I found the logs and I feel soooo stupid.
I messed around last week with my installation as my IP-adres constantly changed. I searched if I could do some DDNS routing and finally configured that inside my mikrotik router. I thought I also needed to forward my openhab instance port 80 to reach it from the outside, Stupid of course as it is not secured by a password. I should have known.
So now in the log I can see someone randomly pressed a few buttons as also my garage door was open. Luckily I live in a safe neighbourhood :wink:
I removed the forwarded port so that should fix this in the future.
Besides accessing my openhab-web could a badwilling person had done more harm to my installation or is that not possible?

Just need to figure out how I can secure my login in combination with DDNS. Will need to dive in this information some more.

Have a look at

1 Like