Technical Tip: How to configure FortiAnalyzer loca...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 195169

Description
This article describes how to configure the local event log interval of FortiAnalyzer for following three events

1) Device offline i.e. FortiAnalyzer didn’t receive log from the device in last xx minutes
2) Disk full
3) GB/Day limit exceeded

Solution
The configuration can only be done via FortiAnalyzer CLI using following commands

1) Interval setting for device offline event

# config system locallog setting
set log-interval-dev-no-logging <x>
end

2) Interval setting for disk full event

# config system locallog setting
set log-interval-disk-full <x>
end

3) Interval setting for gb/day limit exceeded event

# config system locallog setting
set log-interval-gbday-exceeded <x>
end

Note: The value x is interval in minutes, the range should be [5-2880] or '0' as disable

725

Contributors

jpatel

Anonymous

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Fortinet Community

Technical Tip: How to configure FortiAnalyzer local event log interval for device offline, disk full and gb/day limit exceeded events