Technical Tip: How to enable FortiAnalyzer features in FortiManager
Description
This article describes how to enable FortiAnalyzer features in FortiManager.
Scope
- If FortiAnalyzer features have been enabled in FortiManager, it will not be possible to add FortiAnalyzer to FortiManager.
- If FortiAnalyzer is added to FortiManager, FortiAnalyzer features are automatically enabled to support the managed FortiAnalyzer and can not be disabled.
- FortiAnalyzer features are not available on FortiManager-100C.
- FortiAnalyzer features cannot be enabled when FortiManager is configured in an HA Cluster.
Solution
In some situations, in the system of FortiManager, a request is made to use the basic feature of FortiAnalyzer for some reason.
In case the FortiManager matches the requirements above, it is possible to enable FortiAnalyzer features in FortiManager from the GUI or CLI as below.
If the FortiAnalyzer feature is enabled on FortiManager, it will not be possible to add a FortiAnalyzer device to be managed in this FortiManager
Solution to fix the issue.
From the GUI.
Go to System Settings -> Dashboard -> System Information widget, select to toggle the 'FortiAnalyzer Features' switch to 'On' -> FortiAnalyzer Features, and select 'OK'.
 
From CLI.
config system global
get
set faz-status enable
end
get
set faz-status enable
end
It will cause FortiManager to reboot. After the FortiManager reboots and logs in to FortiManager GUI, FortiManager will show FortiAnalyzer features like FortiView, Reports, etc. FortiManager will use port 541 to manage FortiGates, and port 514 to receive logs from FortiGates.
After that, enable logging to the FortiManager using the FortiManager script configuration to be installed in the FortiGate devices using this article:
Check this document as another option to add the FortiAnalyzer logging to FortiGate using the security fabric configuration: