Technical Tip: Selecting a different FortiAnalyzer for a specific VDOM (override-setting)

Description
In multi-tenant environments, certain tenants may require logs to be sent to their own FortiAnalyzer/FortiManager.

However, when attempting to configure logging to FortiAnalyzer/FortiManager for that tenant's VDOM, the check-box is greyed out.

Go to VDOM > Log & Report > Log Config > Log Settings > Send Logs to FortiAnalyzer/FortiManager.
 

Solution
The first step is to enable the FortiAnalyzer override-setting in that VDOM.

# config vdom
   edit vdom-A
     config log fortianalyzer override-setting
       set override enable
end

Afterwards, refresh the browser and configure the FortiAnalyzer/FortiManager settings for that VDOM.

Or configure via CLI:

# config vdom  

edit vdom-A
    config log fortianalyzer override-setting
      set status enable
      set server 192.168.100.100
end

Starting FortiOS 6.2.0 a new CLI command has been introduced :

# config vdom
  edit vdom-A
    config log setting

    set faz-override enable

 end

In order to define FortiAnalyzer override-setting, the above config should be enabled first, under the relevant VDOM.