Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
mithing
Staff
Staff

Created on ‎03-23-2025 10:51 PM Edited on ‎03-23-2025 10:52 PM By Community Manager

Article Id 382702

Troubleshooting Tip: Fail to send FortiClient logging to FortiAnalyzer-Cloud

Description This article describes what to check when failing to send FortiClient logging to FortiAnalyzer-Cloud.
Scope EMS v7.2.x.
Solution

To ensure FortiClient can send the logging to FortiAnalyzer Cloud:

  1. Allow the connection for port TCP/514.

 

Sample Topology:

Endpoint FortiClient -------> Firewall------> FortiAnalyzer Cloud (xxxxxx.xxxxxx.fortianalyzer.forticloud.com)  Tcp/514

 

Sample setting in endpoint profile:


KB4.PNG

 

Related document

Required services and ports

 

  1. The FortiAnalyzer Cloud requires an additional license with minimum SKU FC1-10-AZCLD-463-01-DD to enable FortiAnalyzer-Cloud to receive logs from FortiClient.

 

Related documents:

Logging support and daily log limits

Logging to FortiAnalyzer Cloud
90
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.