Technical Tip: How to change the log file archive name format on FortiAnalyzer

ojacinto · ‎11-04-2016

Description

This article describes how to change the format name for the log files archive in the FortiAnalyzer from the basic format to an extended format. This can be helpful to identify the log file date.

Basic format: FGTXXXXX.tlog.1417797247.log.
Extended format: FGTXXXXXX.2014-12-05-08:34:58.tlog.1417797247.log.

Scope

FortiAnalyzer.

Solution

To change the format name for the archive log files in the FortiAnalyzer the config system log setting must be changed:

config system log settings

(settings)# get

FAZ-custom-field1 : (null)

FCH-custom-field1   : (null)
FCT-custom-field1   : (null)
FDD-custom-field1   : (null)
FGT-custom-field1   : (null)
FMG-custom-field1   : (null)
FML-custom-field1   : (null)
FSA-custom-field1   : (null)
FWB-custom-field1   : (null)
download-max-logs   : 500000
ha-auto-migrate     : disable
log-file-archive-name: basic    ----> Current setting.
rolling-regular:
sync-search-timeout : 60

To change the format from basic to extended:

config system log settings

(settings)# set log-file-archive-name extended
(settings)# end
FAZ1000D #

The log file names will then contain the date and hour in a readable format.

Related documents:
Technical Tip: Backup and restore of FortiAnalyzer settings, logs and reports
Device logs

Technical Tip: How to change the log file archive name format on FortiAnalyzer

You are leaving our website