FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
RuiChang
Staff
Staff
Description

FortiGate is able to connect to FortiAnalyzer.

This article describes that, however, FortiAnalyzer is not able to receive the log from FortiGate with the condition that FortiAnalyzer is managed by FortiManager.

Scope FortiManager / FortiAnalyzer.
Solution

Use the command below to check at FortiGate:

 

FGT# exe log fortianalyzer test-connectivity
FortiAnalyzer Host Name: FAZXXXX123
FortiAnalyzer Adom Name: test
FortiGate Device ID: FG123XXXXXX
Registration: registered
Connection: deny(configuration is denied)

 

The error indicates that FortiManager has restricted the log permissions in the device that is connected to FortiAnalyzer.

Execute the following command in FortiManager followed by FortiAnalyzer to resolve the issue:

 

All devices:

 

# execute log device permissions all all enable

 

Specific device:

 

# execute log device permissions <device_id> all enable

Contributors