Skip to main content
WinterSnowYap
Staff
WinterSnowYap
Staff
April 18, 2025

Troubleshooting Tip: FortiAnalyzer failing to restore logs without having a FortiAnalyzer backup config

  • April 18, 2025
  • 0 replies
  • 555 views
Description This article describes how to troubleshoot FortiAnalyzer failing to restore logs without having a FortiAnalyzer backup config.
Scope FortiAnalyzer.
Solution

Below is the scenario:

 

  1. At FortiAnalyzer, go to Log View -> Log Browse -> Import. FortiAnalyzer failed to import the logs because FortiAnalyzer does not have the FortiGate device information.

 

202504_FAZ restore FGT logs_001.png

 

  1. At FortiAnalyzer, go to Device Manager -> Add Device with the FortiGate serial number. From the exported logs, it will mention the FortiGate serial number inside the log file name.


202504_FAZ restore FGT logs_002.png

 

  1. At FortiAnalyzer, go to Log View -> Log Browse -> ImportDevice SN or 'Taken from imported File'. Once the FortiGate logs have been successfully imported, rebuild the FortiAnalyzer database by executing the following CLI command. Note that this process will trigger a FortiAnalyzer reboot:

 

execute sql-local rebuild-adom <AdomName>  <----- Requires a restart from version 7.6 onwards.

execute sql-local rebuild-db

 

202504_FAZ restore FGT logs_003.png

 

After FortiAnalyzer completes rebuilding the database, then can view the Analytics Logs.

 

202504_FAZ restore FGT logs_004.png

 

Related article:

Technical Tip: How to migrate a FortiAnalyzer log and config to a new system after an RMA or a FortiAnalyzer upgrade 
      Terms & ConditionsAccessibility statement