Description
This article describes the configuration needed to display data in FortiAnalyzer secure SD-WAN monitor.
Scope
FortiAnalyzer.
Solution
- A 'No Device Selected' message will appear if FortiAnalyzer does not receive the necessary SD-WAN logs.
- To display data in a secure SD-WAN monitor, the following requirements need to be fulfilled.
- SD-WAN rule needs to have a specify source address together with protocol number/internet service/application.
- SLA logging needs to be enabled on FortiGate health check and applied to SD-WAN Rules.
Sample configuration in FortiOS 6.4:
config system sdwan
config health-check
edit "ping"
set sla-fail-log-period 30
set sla-pass-log-period 60
next
end
end
- SD-WAN interface members should have configured with the 'WAN' role and 'Estimated bandwidth'.
- The firewall policy with the SD-WAN interface needs to log all sessions.
- Ensure that traffic is passing through the SD-WAN rules. Verify this with the FortiGate SD-WAN rules hit count.
- Ensure that FortiAnalyzer is receiving health check SLA status logs under Logview -> Event -> SD-WAN.
- Once FortiAnalyzer receives the logs, the Secure SD-WAN monitor will provide the device list with data present in each widget.
Related articles:
Troubleshooting Tip: Troubleshooting the FortiManager SD-WAN monitor.
Technical Tip: Tabulating the data in the Application widgets in FortiView Secure SD-WAN Monitor.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Heck yes. I've been looking for this. Thank you!
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
I was really disappointed when the FAZ gave me no options for devices. This solution makes perfect sense, I just wished it was called out more clearly in the docs for FAZ.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Invaluable info, thanks. This really should be spelled out in part of the mainline documentation for FortiOS and/or FAZ.