FortiAnalyzer
ojacinto
Staff
Article Id 191464

Description

 
This article describes how to change the file name format of archived log files on FortiAnalyzer from the basic format to the extended format. The extended format makes it easier to identify the date of a log file.

Basic format: FGTXXXXX.tlog.1417797247.log.
Extended format: FGTXXXXXX.2014-12-05-08:34:58.tlog.1417797247.log.
 
Scope
 
FortiAnalyzer.


Solution

 

To change the file name format of the archived log files on FortiAnalyzer, change the log-file-archive-name option under config system log settings. First check the current value:
 
config system log settings
(settings)# get
FAZ-custom-field1   : (null)
FCH-custom-field1   : (null)
FCT-custom-field1   : (null)
FDD-custom-field1   : (null)
FGT-custom-field1   : (null)
FMG-custom-field1   : (null)
FML-custom-field1   : (null)
FSA-custom-field1   : (null)
FWB-custom-field1   : (null)
download-max-logs   : 500000
ha-auto-migrate     : disable
log-file-archive-name: basic   ----> Current setting.
rolling-regular:
sync-search-timeout : 60
 
To change the format from basic to extended:
 
config system log settings
(settings)# set log-file-archive-name extended
(settings)# end
FAZ1000D #

The log file names will then contain the date and hour in a readable format.
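When archives written before and after the change sit in the same directory, both name formats need to be handled during log collection or incident triage. The following Python parser is an added example, not Fortinet code; it assumes the numeric field is a Unix epoch timestamp in seconds and that the log-type token (such as tlog) is lowercase letters, neither of which the article states.

```python
import re
from datetime import datetime, timezone

# Matches both archive name formats shown in the article.
# Assumption: the log-type token (e.g. "tlog") is lowercase letters.
NAME_RE = re.compile(
    r"^(?P<device>[^.]+)\."
    r"(?:(?P<stamp>\d{4}-\d{2}-\d{2}-\d{2}:\d{2}:\d{2})\.)?"
    r"(?P<logtype>[a-z]+)\.(?P<epoch>\d+)\.log$"
)

def parse_archive_name(name):
    """Describe one archive file name, or return None if it matches neither format."""
    m = NAME_RE.match(name)
    if m is None:
        return None
    return {
        "device": m["device"],
        "logtype": m["logtype"],
        "format": "extended" if m["stamp"] else "basic",
        # Readable stamp exactly as written in the name; its time zone is not stated.
        "name_stamp": m["stamp"],
        # Assumption: the numeric field is Unix epoch seconds.
        "epoch_utc": datetime.fromtimestamp(int(m["epoch"]), tz=timezone.utc),
    }

def files_for_utc_date(names, day):
    """Return names whose epoch field falls on the UTC date 'YYYY-MM-DD'."""
    selected = []
    for name in names:
        info = parse_archive_name(name)
        if info and info["epoch_utc"].strftime("%Y-%m-%d") == day:
            selected.append(name)
    return selected

# Constructed sample listing: the two names from the article, one more
# constructed archive name, and an unrelated file.
SAMPLE = [
    "FGTXXXXX.tlog.1417797247.log",
    "FGTXXXXXX.2014-12-05-08:34:58.tlog.1417797247.log",
    "FGTXXXXX.tlog.1417900000.log",
    "notes.txt",
]

if __name__ == "__main__":
    for name in SAMPLE:
        print(name, "->", parse_archive_name(name))
```

Read as UTC, the numeric field in the article's example gives 2014-12-05 16:34:07, while the readable stamp in the extended name is 08:34:58, so do not assume the readable stamp is UTC when correlating file names with other timelines.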

 

Related documents:
Technical Tip: Backup and restore of FortiAnalyzer settings, logs and reports
Device logs