Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
tnesh
Staff
Staff

Created on ‎11-24-2024 06:37 AM

Article Id 359505

Troubleshooting Tip: FortiAnalyzer AWS S3 connector upload error

Description

This article describes how to troubleshoot FortiAnalyzer getting errors when uploading log files to an AWS S3 bucket.
Scope FortiAnalyzer.
Solution

Sample error when performing upload test to the S3 bucket:

 

diagnose test application uploadd 62 <connector> <remote path>
 
FAZ # diagnose test application uploadd 62 s3-bucket s3-bucket
2024-11-23 14:44:35 s1) copy file. uuid[670e7820-a966-11ef-b99b-004e656f3701]
2024-11-23 14:44:36 [T27953:cmd_proxy.c:394] 1732344276 proc[670e7820-a966-11ef-b99b-004e656f3701] result not ready
2024-11-23 14:44:36 s-) result not ready. uuid[670e7820-a966-11ef-b99b-004e656f3701]
2024-11-23 14:44:37 [T27953:cmd_proxy.c:399] 1732344277 got proc[670e7820-a966-11ef-b99b-004e656f3701] return code: 256
2024-11-23 14:44:37 s2) rc=256 message[unknown error]

 

For FortiAnalyzer cloud storage connector settings, refer to the following article:

Technical Tip: FortiAnalyzer Cloud-out connector

 

Steps:

  1. Make sure AWS S3 Connector settings are all correct, especially for 'Access Key ID' and 'Secret Access Key/Password'.

    s3-bucket.png

     

  2. Make sure the AWS root CA Certificate has been imported into FortiAnalyzer -> Certificates.

    Note: AWS root CA certificate can be downloaded here: https://www.amazontrust.com/repository/.

    aws-root-ca-cert.png

     

  3. Make sure AWS User -> Permission policies allow access to the S3 bucket.

    Sample policy which allows all resources in AWS (for testing purposes only).

    aws-user-policy.png

     

  4. Once all the settings are verified correctly, proceed to perform the upload test again with the below command:

     

    diagnose test application uploadd 62 <connector> <remote path>

     

    Sample successful test result:

     
    FAZ # diagnose test application uploadd 62 s3-bucket s3-bucket

    2024-11-23 15:28:34 s1) copy file. uuid[8c5b84e6-a96c-11ef-b99b-004e656f3701]
    2024-11-23 15:28:35 [T27953:cmd_proxy.c:394] 1732346915 proc[8c5b84e6-a96c-11ef-b99b-004e656f3701] result not ready
    2024-11-23 15:28:35 s-) result not ready. uuid[8c5b84e6-a96c-11ef-b99b-004e656f3701]
    2024-11-23 15:28:36 [T27953:cmd_proxy.c:399] 1732346916 got proc[8c5b84e6-a96c-11ef-b99b-004e656f3701] return code: 0
    2024-11-23 15:28:36 s2) rc=0 message[success]
Labels:
172
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.