Daily Limit reached with one Fortigate
- November 27, 2015
- 0 replies
- 3254 views
Hello,
I have a Fortigate 80C Cluster (Active-Passive), which handles about 2TB of traffic per week.
All traffic is logged to a Fortimanager 400B, which is exclusively handling the logs for this one Cluster.
I noticed that I get the "daily limit reached" message on some days; see attached picture.
I now wonder whether it could really be the case that one Fortigate could cause this many logs.
For example, if I calculate for an FG600D, which has a throughput of 36Gbps, I come to a daily traffic of 36Gbps*60*60*24=3,110,400Gb/D
If I now compare this with my Fortigate, with a weekly throughput of 2TB which causes 1,9 GB, this one FG600D would produce log files of ~2967 GB daily.
Only the biggest Fortianalyzer could handle this kind of traffic and this is only one Fortigate.
So I would like to know if this ratio of 2TB of traffic to 1,9GB of logs is accurate or if I have some kind of misconfiguration between my Fortigate and Fortimanager, or if I could somehow optimize my settings.
Thanks in advance
Paul
