Connecting To Fortianalyzer Using Automatic Discovery - Fortinet Fortigate-5000 series Administration Manual

Storing Logs

Connecting to FortiAnalyzer using Automatic Discovery

410
To configure the FortiGate unit to send logs to the FortiAnalyzer unit
1 Go to Log&Report > Log Config > Log Setting.
2 Select FortiAnalyzer.
3 Select the blue arrow to expand the FortiAnalyzer options.
4 Set the level of the log messages to send to the FortiAnalyzer unit.
5 Enter the Server IP address of the FortiAnalyzer unit.
6 Select Apply.
The FortiAnalyzer unit needs to be configured to receive logs from the FortiGate
unit after configuring log settings on the FortiGate unit. Contact a FortiAnalyzer
administrator to complete the configuration.
Note: The FortiGate unit can log up to three FortiAnalyzer units. The FortiGate unit sends
logs to all three FortiAnalyzer units where the logs are stored on each of the FortiAnalyzer
units. This provides real-time backup protection in the event one of the FortiAnalyzer units
fails. This feature is only available through the CLI. See the
more information.
You can connect to a FortiAnalyzer unit by using the Automatic Discovery feature.
Automatic discovery is a method of establishing a connection to a FortiAnalyzer
unit. When you select Automatic Discovery, the FortiGate unit uses HELLO
packets to locate any FortiAnalyzer units available on the network within the same
subnet. When the FortiGate unit discovers the FortiAnalyzer unit, the FortiGate
unit automatically enables logging to the FortiAnalyzer unit and begins sending
log data, if logging is configured for traffic and so on, to the FortiAnalyzer unit.
Note: The Automatic Discovery feature needs to be enabled on the FortiAnalyzer unit so
the feature works properly. The Automatic Discovery feature is disabled by default. The
FortiAnalyzer unit requires FortiAnalyzer 3.0 firmware to use the feature.
Note: If your FortiGate unit is in Transparent mode, the interface using the automatic
discovery feature will not carry traffic. Use the Fortinet Knowledge center article,
Discovery Protocol in Transparent
using the automatic discovery feature.
To enable automatic discovery
1 Go to Log&Report > Log Config > Log Setting.
2 Select the blue arrow for FortiAnalyzer to expand the options.
3 Select Automatic Discovery.
4 Select Discover.
The FortiGate unit searches within the same subnet for a response from any
available FortiAnalyzer units.
5 Select a FortiAnalyzer unit from the Connect To list.
6 Select Apply.
FortiGate CLI Reference
mode, to enable the interface to also carry traffic when
FortiGate Version 3.0 MR4 Administration Guide
Log&Report
for
Fortinet
01-30004-0203-20070102