Troubleshooting Tip: FortiGate with HA can not send syslog

Description

This article describes how to fix the issue when the FortiGate with HA setting is unable to send syslog out properly.

Scope

FortiGate v6.4.x, v7.x with HA setting. 

Solution

FortiGate units with HA setting can not send syslog out as expected in certain situations. Users may consider running the debugging with CLI commands as below to investigate the issue.

At CLI command of FortiGate:

diagnose debug reset

diagnose debug disable

diagnose debug console timestamp enable

diagnose debug application miglogd -1

diagnose debug enable

One might come across the message 'miglog socket connect(global-syslog) failed'.

Debugging log:

2021-09-15 15:59:19 miglog_socket_set_interface()-221: Binded interface index: 55.

2021-09-15 15:59:19 <29555> __syslog_start_connection()-182: miglog socket connect(global-syslog) failed.

The solution to fix the issue:

At CLI command of FortiGate:

config system ha

    set ha-direct disable

  end