FortiDDoS is a solution designed to protect networks from Distributed Denial of Service (DDoS) attacks. Forti Analyzer is a centralized logging and reporting platform. Configuring FortiDDoS to send logs to FortiAnalyzer is essential for comprehensive security monitoring and analysis. Troubleshooting log-sending issues is crucial to ensure that important data is being recorded.

Troubleshooting steps:

1. Verify Network Connectivity:
   Ensure that there is network connectivity between the FortiDDoS device and the FortiAnalyzer unit. Check physical connections, routing, and firewall rules that might block the traffic.
   
   
2. Check FortiDDoS Configuration:
   Log in to the FortiDDoS web interface and navigate to the 'System' or 'Log' settings. Verify that the FortiAnalyzer IP address and port are correctly configured.
   Confirm that the log format and protocol match the settings on FortiAnalyzer. Common protocols are syslog, FortiAnalyzer, and syslog-ng.
   
   
3. Check FortiAnalyzer Configuration:
   Access the FortiAnalyzer web interface and navigate to the 'Log & Report' settings. Ensure that the device is configured to receive logs from the FortiDDoS device.
   Verify that the receiving port and log format settings on FortiAnalyzer match the configuration on FortiDDoS.
   
   
4. Test Connectivity:
   Use tools like 'telnet' or 'nc' to test if the FortiDDoS device can establish a connection to the FortiAnalyzer unit on the specified port. For example telnet <FortiAnalyzer-IP> <Port>.
   Replace '<FortiAnalyzer-IP>' with the actual IP address of the FortiAnalyzer and '<Port>' with the configured receiving port.
   
   
5. Check Firewalls and Security Policies:
   Review the firewall and security policies on both FortiDDoS and FortiAnalyzer. Ensure that there are no rules blocking the log traffic.
   Look for security profile settings, such as IPS, that might inspect or block the log traffic.
   
   
6. Log Files on FortiDDoS:
   Access the FortiDDoS CLI and check log files for any error messages or issues related to log sending. Use the following command: diagnose test application eventd 2. This command will help diagnose issues with log generation and sending.
   
   
7. Log Files on FortiAnalyzer:
   On FortiAnalyzer, review log files for any incoming log messages or errors. The FortiAnalyzer CLI can be useful for this purpose: diag log read.
   
   
8. Traffic Inspection and Debugging:
   Enable debugging or packet capture tools on both FortiDDoS and FortiAnalyzer to inspect the log traffic. Check if logs are being sent from FortiDDoS and received by FortiAnalyzer.
   
   
9. Consult Documentation and Support:
   If the issue persists and it is not possible to identify the root cause, consult the documentation for both FortiDDoS and FortiAnalyzer. It is also possible to contact Fortinet Support for further assistance and troubleshooting.