Intermittent Log Visibility Loss in FortiGate with FortiAnalyzer Collector Deployment
Good morning, team,
I have been experiencing a recurring issue within my infrastructure for some time.
I have already opened a case with TAC; however, no definitive solution has been provided so far.
Currently, I manage an environment consisting of approximately seven FortiAnalyzers, each with an associated FortiAnalyzer Collector.
Until September 2025, there were no issues within this topology. However, at a certain point, the environment began to exhibit unexpected behavior.
FortiGates started losing log visibility across multiple features, including Traffic Forward, FortiView, and any other functionality that relies on logs sourced from the FortiAnalyzer.
The issue initially affected several FortiGates connected to FortiAnalyzer 01. After several hours of troubleshooting, we identified that restarting the FortiAnalyzer Collector linked to FortiAnalyzer 01 would temporarily restore functionality, allowing logs to be displayed again on the FortiGates. However, this proved to be only a temporary workaround.
A few hours later, the same issue began occurring on other FortiGates connected to different FortiAnalyzers, all of which also had a FortiAnalyzer Collector in their topology. This behavior was particularly concerning, as it was no longer an isolated issue—such as a single FortiAnalyzer Collector failing to forward logs to its respective FortiAnalyzer—but rather a scenario where multiple FortiAnalyzer Collectors intermittently stop forwarding logs to their respective FortiAnalyzers at different times throughout the day.
It is important to note that the issue occurs across different FortiAnalyzers at different times; it never affects all of them simultaneously.
At this point, approximately six months after the issue first appeared, no definitive solution has been identified. Has anyone experienced a similar issue, or can anyone provide recommendations?