fortinet syslog and logrotate

Forum|Forum|15 years ago
April 10, 2011
2 replies
3616 views

hi. i use and external server as my syslog server for the fortinet. i would like to activate a logrotate on my server for the fortinate logs, however, i do not know how to force the syslog on the fortinate to restart from my external server. otherwise it will just keep outputting to the newly renamed file and not to the new empty file. anyone can help?

ede_pfau

SuperUser

Methinks that is a feature of your syslog server. The FGT logs to the IP of the server not to a specific file. The syslog server should copy the current log file, rename it and clear the current one. I use Kiwi syslog (now part of Solarwinds) but I haven' t used log rotation yet.

SECCON1MC

New Member

Setting a sighup on your syslog service that is called in conjunction with log rotation should do the trick. The issue is the file lock on your syslog server and nothing todo with the fortigate. Good Luck

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded