Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
RuiChang
Staff
Staff

Created on ‎12-06-2022 10:41 PM

Article Id 232346

Technical Tip: FortiGate connected to FortiAnalyzer but configuration is deny

Description

FortiGate is able to connect to FortiAnalyzer.

This article describes that, however, FortiAnalyzer is not able to receive the log from FortiGate with the condition that FortiAnalyzer is managed by FortiManager.
Scope FortiManager / FortiAnalyzer.
Solution

Use the command below to check at FortiGate:

 

FGT# exe log fortianalyzer test-connectivity
FortiAnalyzer Host Name: FAZXXXX123
FortiAnalyzer Adom Name: test
FortiGate Device ID: FG123XXXXXX
Registration: registered
Connection: deny(configuration is denied)

 

The error indicates that FortiManager has restricted the log permissions in the device that is connected to FortiAnalyzer.

Execute the following command in FortiManager followed by FortiAnalyzer to resolve the issue:

 

All devices:

 

# execute log device permissions all all enable

 

Specific device:

 

# execute log device permissions <device_id> all enable
604
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.