Description | This article describes a tip to take in mind to know what happening when filtering logs on FortiGate from FortiAnalyzer. |
Scope | FortiGate, FortiAnalyzer. |
Solution |
When FortiGate sends logs to FortiAnalyzer, these can be consulted and filtered on the FortiGate logs section. When a filter is configured, FortiGate must wait for a response from FortiAnalyzer with the results matching criteria. During this process, the GUI log viewer waits for 500 log entries before displaying any result or if it has exhausted searching through all logs. The way this process is being carried out is by polling log API.
After about 10 seconds, if GUI has not received the required amount from FortiAnalyzer, but received some entries, it will ask the user if willing to dismiss the search and just show the data that has been recollected.
To collect the process, it is possible to use the FortiGate Support Tool Chrome plugin.
Related article: |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.