Technical Tip: Disabling FortiAnalyzer alarm when tunnel to FortiManager is down in HA setup
| Description | This article describes the workaround to use in case of receiving 'Tunnel to FortiManager is down' alarm in HA setup. |
| Scope | FortiAnalyzer and FortiManager |
| Solution | In case of HA active-passive setup there will have only an active tunnel to Fortimanager, however the secondary unit of the cluster will generate alarm 'FortiManager tunnel connection down(Tunnel to FortiManager is down)' collected by Fortianalyzer.
There should be no tunnel from the secondary unit, so it is necessary to disable this alarm by disabling log using the below filter on the FortiGate.
# config log fortianalyzer filter end
Related articles. https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/386620/log-fortianalyzer-filter |