Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
mgoswami
Staff
Staff

Created on ‎12-09-2025 06:50 AM

Article Id 422325

Troubleshooting Tip: Unable to Delete VDOM from FortiAnalyzer

Description This article describes the issue of being unable to delete a VDOM from FortiAnalyzer. The article provides a step-by-step solution to resolve this issue, which may occur due to a corrupted dvmdb or other configuration issues.
Scope FortiAnalyzer, FortiGate, FortiManager.
Solution

VDOM deletion may fail on FortiAnalyzer from the CLI with the following error:

 

fazs10 # exec log device vdom delete DEVICE_NAME ABC


This command will delete Vdom:'ABC' and its log files from device 'DEVICE_NAME'.
Do you want to continue? (y/n)y

 

Internal error: 1.
Command fail. Return code 1

 

This could be because the dvmdb may be corrupted.

 

Run the following debug commands in the FortiAnalyzer CLI:

 

diagnose debug enable
diagnose debug service dvmdb 255

 

Then, execute the command that failed previously from a separate CLI window:

 

execute log device vdom delete xxx xxx

 

The following logs are observed:

 

The VDOM is loaded successfully:

 

Request [/bin/newcli:33396:8]:
{ "client": "\/bin\/newcli:33396", "id": 8, "method": "get", "params": [{ "target start": 1, "url": "dvmdb\/device\/fw-rect-tstips\/vdom
"}]}
Response [/bin/newcli:33396:8]:
{ "id": 8, "result": [{ "data": [{ "comments": "Vdom between Belnet and rtr-rect-inter", "devid": 185, "ext_flags": 0, "flags": 0, "name
": "IPS_Ext", "node_flags": 4, "oid": 104, "opmode": 2, "rtm_prof_id": 0, "status": null, "tab_status": null, "vdom_type": 1, "vpn_id":
0}, { "comments": null, "devid": 185, "ext_flags": 0, "flags": 0, "name": "IPS_Nat_Tst", "node_flags": 4, "oid": 106, "opmode": 1, "rtm_
prof_id": 0, "status": null, "tab_status": null, "vdom_type": 0, "vpn_id": 0}, { "comments": "", "devid": 185, "ext_flags": 0, "flags":
0, "name": "root", "node_flags": 0, "oid": 3, "opmode": 1, "rtm_prof_id": 0, "status": null, "tab_status": null, "vdom_type": 1, "vpn_id
": 0}], "status": { "code": 0, "message": "OK"}, "url": "dvmdb\/device\/fw-rect-tstips\/vdom"}]}
- ABC

 

However, attempt to delete it fails:


Request [/bin/newcli:33396:9]:
{ "client": "\/bin\/newcli:33396", "id": 9, "method": "delete", "params": [{ "target start": 1, "url": "dvmdb\/device\/fw-rect-tstips\/v
dom\/IPS_Ext"}]}
Response [/bin/newcli:33396:9]:
{ "id": 9, "result": [{ "status": { "code": -20001, "message": "Internal error"}, "url": "dvmdb\/device\/fw-rect-tstips\/vdom\/IPS_Ext"}
]}
Delete Vdom 'IPS_Ext' of Device 'DEVICE_NAME' failed.
Internal error: 1.
Command fail. Return code 1

 

To resolve the issue, follow these steps:

 

Try running the following commands to check the integrity of the dvmdb and adom:

 

diagnose pm2 check-integrity all
diagnose dvm check-integrity
diagnose cdb check adom-integrity

 

If the above steps do not resolve the issue, try removing the device from FortiAnalyzer and then adding it back. Before adding it back, try to remove the VDOM from the FortiGate side.
133
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.