FortiClient EMS includes a log rotation feature. Starting from v7.2.5 and v7.4.0, the log rotation process includes not only deletion but also archiving.

This option can be configured through the GUI under System Settings -> Log Settings, as shown below.

This feature automatically archives (gzip) and deletes log files based on the number of days defined. Archiving targets *.log files that were last modified beyond the period of 'defined days / 3'. With the default setting of 30 days, the following behavior occurs.

The status of the logs can be verified by checking the following directories:

• C:\Program Files (x86)\Fortinet\FortiClientEMS\logs.
• C:\Program Files (x86)\Fortinet\FortiClientEMS\Fcm\logs.

Note:

The installation directory may differ depending on the system environment.

For example, when checking the folder on June 10 at 17:45, the following status may be observed: Log files aged between 1 and 10 days are not archived or deleted.

Archived gzip files are available for logs aged between 10 and 30 days.

Archived logs exist only up to 30 days ago.

Related articles:

Troubleshooting Tip: FortiClient EMS Log Rotation Issue

Technical Tip: How the Log Rotation Feature Works in FortiClient EMS