Description | This article describes how to check FortiAnalyzer archive logs. |
Scope | FortiAnalyzer. |
Solution |
To check the archive logs rollover settings at the current ADOM:
1) Select the ADOM to check. 2) Select System Settings. 3) Select 'Advanced', then select 'Device Logs Settings'. 4) Under Registered Device Logs: Roll log file when size exceeds: 200MB Roll log files at scheduled time: Weekly Sunday 12am
*The logs size received at FortiAnalyzer will increase until it exceeds 200MB, then the logs will roll over/ archived it. *If the Roll logfiles is enabled at the scheduled time, the logs will roll over it at that specific time that is configured. . Refer to below image:
Below is an example of logs rolling over once it exceeds 200MB. In this example, notice that tlog.1680482237.log is changed to tlog.1680482237.log.gz. The size of .log is bigger than .log.gz, because the .log.gz is roll over/ archived.
Refer to below image:
FortiAnalyzer documentation: https://docs.fortinet.com/product/fortianalyzer/7.2
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.