Remote Logging To The Fortiguard Analysis And Management Service - Fortinet FortiGate Series Administration Manual

Configuring how a FortiGate unit stores logs

Remote logging to the FortiGuard Analysis and Management Service

712
FortiAnalyzer The name of the FortiAnalyzer unit. The default name of a FortiAnalyzer unit is
its product name, for example, FortiAnalyzer-400.
(Hostname)
FortiGate The serial number of the FortiGate unit.
(Device ID)
Registration The status of whether or not the FortiGate unit is registered with the
FortiAnalyzer unit. If the FortiGate unit is unregistered, it may not have full
Status
privileges. For more information, see the FortiAnalyzer Administration Guide.
Connection The connection status between FortiGate and FortiAnalyzer units. A green
check mark indicates there is a connection and a gray X indicates there is no
Status
connection.
Disk Space (MB) The amount of disk space, in MB, on the FortiAnalyzer unit for logs.
Allocated
Space
Used Space
Total Free
Space
Privileges The permissions of the device for sending and viewing logs, reports, DLP
archives, and quarantined logs.
• Tx indicates the FortiGate unit is allowed to transmit log packets to the
FortiAnalyzer unit.
• Rx indicates the FortiGate unit is allowed to display reports and logs stored
on the FortiAnalyzer unit.
A check mark indicates the FortiGate unit has permissions to send or view log
information and reports. An X indicates the FortiGate unit is not allowed to send
or view log information.
You can also test the connection status between the FortiGate unit and the FortiAnalyzer
unit by using the following CLI command:
execute log fortianalyzer test-connectivity
The command displays the connection status and the amount of disk usage in percent.
For more information, see the
Note: The test connectivity feature also provides a warning when a FortiGate unit requires
a higher-end FortiAnalyzer unit or when the maximum number of VDOMs/FortiGate units
has been reached on the FortiAnalyzer unit.
You can configure logging to a FortiGuard Analysis server after registering for the
FortiGuard Analysis and Management Service on the Fortinet support web site. Fortinet
recommends verifying that the connection is working properly before configuring logging
to a FortiGuard Analysis server.
You can enable FortiGate features from the FortiGate web-based manager. For more
information, see "Log types" on page
DLP archiving, is also available.
To log to a FortiGuard Analysis server
1 Go to Log&Report > Log Config.
2 Select the Expand Arrow beside Remote Logging to reveal the available options.
3 Select FortiGuard Analysis Service.
4 Enter the account ID in the Account ID field.
The amount of space designated for logs, including quarantine
files and DLP archives.
The amount of used space.
The amount of unused space.
FortiGate CLI Reference.
734. Logging traffic, as well as summary and email
FortiGate Version 4.0 MR1 Administration Guide
Log&Report
01-410-89802-20090903
http://docs.fortinet.com/ • Feedback