Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jpatel
Staff
Staff

Created on ‎09-23-2019 02:19 AM Edited on ‎05-16-2024 10:02 PM By Community Manager

Article Id 195169

Technical Tip: How to configure FortiAnalyzer local event log interval for device offline, disk full and gb/day limit exceeded events

Description


This article describes how to configure the local event log interval of FortiAnalyzer for the following three events

 

  1. Device offline i.e. FortiAnalyzer didn’t receive a log from the device in the last xx minutes.
  2.  Disk full.
  3.  GB/Day limit exceeded. 

 

And how to configure the percentage of disk usage which triggers disk full.

 

Scope

 

FortiGate.

Solution


The configuration can only be done via FortiAnalyzer CLI using following commands

 

config system locallog setting
set log-interval-dev-no-logging <x> #< -- Interval setting for device offline event
set log-interval-disk-full <x>      #<-- Interval setting for disk full event
set log-interval-gbday-exceeded <x> #<-- Interval setting for gb/day limit exceeded event
...
set log-interval-disk-full <y> #<-- disk usage which triggers disk full
 
end     

 

Note:
The value x is the interval in minutes, the range should be [5-2880] or '0' as disabled.
the value y is the percentage as an integer [0-100] where 80 is the default.

Labels:
1813
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.