Created on 05-30-2017 02:58 AM Edited on 05-29-2022 03:35 AM By Anthony_E
Description
This article describe how it is necessary to delete a VDOM from a FortiAnalyzer using the CLI and not the GUI.
Solution
# conf vdom(vdom)delete test
(vdom)end
deleted.# exec log device vdom list 1500D
Device name:1500D.
|-------id:0, name:root (*** can not be deleted ***)
|-------id:1, name:tester1
|-------id:2, name:tester2
|-------id:3, name:vdom_lag <----- 'Test' is gone.
But the VDOM reappears minutes later.This is as designed because the underlying logs still exist.# exec log device vdom list 1500DDevice name:1500D.
|-------id:0, name:root (*** can not be deleted ***)
|-------id:1, name:tester1
|-------id:2, name:tester2
|-------id:3, name:vdom_lag
|-------id:4, name:test <----- Reappeared.
Solution: Delete the VDOM from the CLI.
Deleting the VDOM from the CLI (starting in FortiAnalyzer 5.4.3 & 5.6.0) will also delete the log files associated with that VDOM.
execute below command to delete log files uploaded from VDOM 'test'.# exec log device vdom delete 1500D test <----- '1500D' is unitname,and 'test' is VDOM name.
This command will delete Vdom:'test' and its log files from device '1500D'.
Do you want to continue? (y/n)y
Vdom:'test' and its log files were deleted from unit 'FG1K5D3I15-----3' successfully.
Result: VDOM "test" doesn't reappear again.
Starting from firmware 6.0.5 onwards, deletion of VDOM has been implemented to support GUI.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.