This article describes how to identify and troubleshoot the 'Your daily logs GB/day limit is exceeded within the last 7 days' warning on FortiAnalyzer.
When seeing this warning notification 'Your daily logs GB/day limit is exceeded within the last 7 days.' on the FortiAnalyzer’s alert pane, it means that the logging rate of this FortiAnalyzer has exceeded the licensed logging rate.
This can be verified under System Settings -> Dashboard -> 'License Information' widget -> Logging -> GB/Day -> Details. In the image shown below, the daily licensed logging rate is 201 GB/day but the actual logging rate detected by FortiAnalyzer has exceeded that amount for the past 7 days.
This could be a good time to think of purchasing a bigger license to accommodate the increased logging rate. Operating your VM beyond the licensed capacity could affect the ability to receive technical support.
Any additional licenses that are purchased are stackable with the old license. For example, if originally it was on the FAZ-VM-GB1 (1 GB/day) license and had purchased a FAZ-VM-GB5 (5 GB/day) license, the entitled GB/day logs would be 6 GB/day.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.