Technical Note: Importing multiple logs into FortiAnalyzer
Description
This article explains how the Log import feature can be used for FortiAnalyzer v4.x, v5.0, v5.2 and v5.4. The Log import feature will support:
Additional Information:
Scope
This article explains how the Log import feature can be used for FortiAnalyzer v4.x, v5.0, v5.2 and v5.4. The Log import feature will support:
- Multiple protocols (ftp, sftp, scp, tftp)
- Tar ( .tar.gz, .tgz, .tar.bz2, .tar) files which contain multiple log files
Command format: v5.0, v5.2, v5.4
# execute log import <[ftp|sftp|scp|tftp]> <ip> <username> <password> <filename> <device-id>
Example: v5.0, v5.2, v5.4
Example: v5.0, v5.2, v5.4
| # execute log import ftp 192.168.182.4 user1 password logs_file.tar Do you want to continue? (y/n)y Connect to ftp server 192.168.182.4 ... File logs.tar is downloaded from ftp server 192.168.182.4. Log file successfully imported as FGT60D-1_FGT60XXXXXXXXXXX/wlog.223.log. Log file successfully imported as FGT60D-1_FGT60XXXXXXXXXXX/slog.314.log. |
Command format: v4.x
# execute import logs from-file <[ftp|sftp|scp|tftp]> <ip> <username> <password> <filename>
Example: v4.x
Example: v4.x
| # execute import logs from-file ftp 192.168.182.4 alex password logs.tar Do you want to continue? (y/n)y Connect to ftp server 192.168.182.4 ... File logs.tar is downloaded from ftp server 192.168.182.4. Log file successfully imported as FGT50B-1_FGT50XXXXXXXXXXX/wlog.223.log. Log file successfully imported as FGT50B-1_FGT50XXXXXXXXXXX/slog.314.log. |
Additional Information:
- This method allows the import of logs that were uploaded to remote server.
- The same can be done from HTTP/HTTPS GUI, with individual files only.
- Once the import have finished the unit will start to populate the database (SQL enabled) or indexed (v4 indexed based).
- Please refer to 'Technical Note: Transferring historical logs from a FortiGate hard disk to a FortiAnalyzer' in the Related Articles on how to download FortiGate log file.
Scope
FortiAnalyzer v4.x, v5.0, v5.2, v5.4.
Related Articles
Technical Note: Transferring historical logs from a FortiGate hard disk to a FortiAnalyzer