Created on 12-04-2023 06:06 AM Edited on 08-20-2024 12:06 AM By Jean-Philippe_P
Description
This article describes how to enable the FortiAnalyzer Cloud option for logging on the FortiGate. Even though FortiAnalyzer Cloud entitlement is included in the license, the FortiAnalyzer Cloud option is grayed out in the Logging Settings on the Fabric Connectors page of FortiGate.
Scope
FortiGate v7.2 and above, FortiAnalyzer Cloud.
Solution
When trying to enable this option from the CLI, the following error is returned:
config log fortianalyzer-cloud setting
(setting) # set status enable
Cannot enable both FortiGate Cloud and FortiAnalyzer Cloud at the same time.
node_check_object fail! for status enable
value parse error before 'enable'
Command fail. Return code -7
FortiGate does not allow FortiGate Cloud and FortiAnalyzer Cloud to be enabled at the same time, so the FortiGate must first be logged out of FortiGate Cloud. A confirmation prompt with a warning message appears when logging out.
Once successfully logged out, FortiAnalyzer Cloud can be enabled through CLI as follows:
config log fortianalyzer-cloud setting
(setting) # set status enable
(setting) # end
The Serial Number for FortiAnalyzer is not entered.
To verify identity of FortiAnalyzer serial number is needed.
If serial number is not set, connection will be set as unverified and access to local config and files will be accessible only with user name/password.
FortiGate can establish a connection to obtain the serial number now.Do you want to try to connect now? (y/n)y
Unknown host: fortianalyzer.forticloud.com Failed to get certificate information.
Do you want to try to connect now? (y/n)y
Obtained serial number from X509 certificate of Fortianalyzer is: FAZVCXXX11111111
Serial number from certificate MUST be the same as serial number observed in Fortianalyzer.
If these two serial numbers don't match, connection will be dropped.
Please make sure the serial numbers are matching.
In case that Fortianalyzer is using a third-party certificate, certificate verification must be disabled.
Do you confirm that this is the correct serial number? (y/n)y
This FortiGate unit does not have a valid FortiAnalyzer Cloud License.
This feature will not work without a valid license.
serial to be set: FAZVCXXX11111111
#
After this step, the FortiGate device must be authorized from FortiAnalyzer Cloud.
If the FortiGate does not have a device level setting license for FortiAnalyzer Cloud, this step will not fix the integration of FortiGate and FortiAnalyzer Cloud. FortiAnalyzer Cloud can still be enabled via the CLI, but the FortiGate will not send OFTP to FortiAnalyzer Cloud. Hence, it is necessary to ensure that a FortiAnalyzer Cloud license is in place.
diag test update info
System contracts:
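When this procedure is scripted across many FortiGates, answering "y" to every prompt skips the serial number check that the CLI asks for. The following is an added example, not part of the original article or Fortinet code: it triages a captured CLI session using the messages quoted above and compares the certificate serial with a value recorded out of band. The function name `triage_session` and the inventory serial are assumptions.

```python
import re

# Constructed sample: an abbreviated copy of the session output shown in this
# article, as a script might capture it (serial is the article's placeholder).
SAMPLE_SESSION = """\
(setting) # set status enable
Unknown host: fortianalyzer.forticloud.com Failed to get certificate information.
Do you want to try to connect now? (y/n)y
Obtained serial number from X509 certificate of Fortianalyzer is: FAZVCXXX11111111
Do you confirm that this is the correct serial number? (y/n)y
This FortiGate unit does not have a valid FortiAnalyzer Cloud License.
serial to be set: FAZVCXXX11111111
"""

# Message fragments quoted from the CLI output in this article.
CONFLICT = "Cannot enable both FortiGate Cloud and FortiAnalyzer Cloud"
NO_LICENSE = "does not have a valid FortiAnalyzer Cloud License"
DNS_FAIL = re.compile(r"Unknown host: (\S+)")
CERT_SERIAL = re.compile(r"Obtained serial number from X509 certificate .*? is: (\S+)")
SET_SERIAL = re.compile(r"serial to be set: (\S+)")


def triage_session(text, expected_serial):
    """Return a list of (code, detail) findings for one captured session.

    expected_serial is the serial recorded out of band (hypothetical
    inventory value), so the certificate prompt is not trusted blindly.
    """
    findings = []
    if CONFLICT in text:
        findings.append(("cloud_conflict", "log out of FortiGate Cloud first"))
    for host in DNS_FAIL.findall(text):
        findings.append(("dns_failure", host))
    seen = set(CERT_SERIAL.findall(text)) | set(SET_SERIAL.findall(text))
    if not seen:
        findings.append(("serial_unverified", "no serial obtained"))
    for serial in sorted(seen):
        if serial != expected_serial:
            findings.append(("serial_mismatch", serial))
    if NO_LICENSE in text:
        findings.append(("no_license", "logs will not be sent"))
    return findings


if __name__ == "__main__":
    for code, detail in triage_session(SAMPLE_SESSION, "FAZVCXXX11111111"):
        print(f"{code}: {detail}")
```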