Nishtha_Baria
Article Id 275866
Description This article describes the scenario where two FortiWebs are in HA, but only one is visible in FortiAnalyzer.
Scope FortiAnalyzer, FortiWeb.
Solution

To resolve this issue, follow these steps to ensure that both FortiWebs with the correct version are available on FortiAnalyzer:

  1. Make sure to back up FortiAnalyzer's configuration prior to any modifications.
  2. Also back up all the necessary FortiAnalyzer logs.
  3. Now delete the FortiWeb configuration in FortiAnalyzer:

     From CLI:

     config sys global
         delete log-device <device-name>
     end

  4. Add Primary FortiWeb to FortiAnalyzer:

  • Enable the ADOM, then go to Root-ADOM -> Device Manager -> Unregistered device, select the Primary FortiWeb device, and select 'OK'. The device will be added.
  5. Edit the FortiWeb object in FortiAnalyzer and configure the correct user and password.
  • Go to Device Manager -> Device & Groups.
  • In the tree menu, select the device group.
  • In the content pane, select the device and select 'Edit', or right-click on the device and select 'Edit'.
  • The Edit Device pane is displayed, where it is possible to enter the correct username and password.
  • Select 'OK' to save changes.
  6. In FortiWeb, disable and then enable FortiAnalyzer communication:
  • To disable FortiAnalyzer communication in FortiWeb, use the following commands:

     config log fortianalyzer
         set status disable
     end

  • To enable FortiAnalyzer communication in FortiWeb, use the following commands:

     config log fortianalyzer
         set status enable
     end

After configuring the username and password and changing the FortiAnalyzer status in FortiWeb, it was possible to see the correct FortiWeb version and connect in FortiAnalyzer.

 

  7. To view the secondary unit in FortiAnalyzer:
  • Change the secondary FortiWeb unit to the Master role.
  • After rebooting the primary device, the secondary device will become the master.
  8. Repeat step 5 and step 6.

 

Once the above steps are performed, both the primary and secondary FortiWeb devices will be visible in FortiAnalyzer, along with logs from both devices.