After replacing the failed device, it is necessary to delete the broken device from the Device Manager in FortiAnalyzer.

In this scenario, FortiGate test_FGVM02 is faulty and has been replaced with FGXXX83.

Select to edit the device, and there is no remove button for test_FGVM02.

The remove button (X) is only available for FortiGate XXX83 and FortiGate XXX90.

Note:

Deleting FortiGate from FortiAnalyzer will result in FortiGate logs being deleted from FortiAnalyzer. Back up all the logs to the external server before following the steps below:

Steps to remove the FortiGate test_FGVM02:

1. Run the command below in FortiAnalyzer CLI:

config system global

    set ha-member-auto-grouping disable

end

2. Select the FortiGate HA cluster.

    

3. Remove the secondary FortiGate by selecting the X Button.

    

4. Wait for a while (around 5minutes) for the deleted FortiGate to appear as unauthorized devices. 

5. Once the devices have been authorized, all the devices will be in standalone mode.

    

6. Select one of the working FortiGates and regroup the other working FortiGates as a cluster.

7. Finally, delete the faulty FortiGate test_FGVM02.

    

Related article:

Technical Tip: Auto FortiGate HA grouping (based on group name) on FortiAnalyzer