FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
tnaik
Staff
Staff
Description
This article describes How to configure automated backup of the FortiManager/FortiAnalyzer configuration.

For this demonstration FileZilla will be used as FTP server.

Solution
FortiManager/FortiAnalyzer Automatic backup setting can be done only from CLI only.

1)Login to FortiManager/FortiAnalyzer CLI:
# config system backup all-settings
    set status enable
    set server "10.1.1.1"       <----- FTP server IP address
    set user "admin"            <-----  FTP server username
    set directory "/fmg"
    set week_days monday tuesday wednesday thursday friday saturday sunday
    set time "18:47:00"
    set protocol ftp            <----- Use question mark to see another available protocol option.
    set passwd pass123          <----- FTP server password
end
Note.
To make sure FTP server is reachable from
FortiManager/FortiAnalyzer, use below command:
# exe ping x.x.x.x              <----- x.x.x.x is FTP server IP.
2) FileZilla setting.

Create user in FileZilla.




3) Configured backup file location.





FileZilla logs.





Note.
If there is issue Related to FTP server, contact the FTP server team.

FortiManager side troubleshooting.

Run sniffer and then convert the file in PCAP.
# di sniffer packet any "host <FTPSERVERIP> and port 21" 3 0 l
Example.
# di sniffer packet any "host 10.1.1.1 and port 21" 3 0 l
PCAP sample output as below.



Contributors