FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kcheng
Staff
Staff
Article Id 283119
Description

This article describes how to retrieve logs from undeployed FortiGate from FortiGate Cloud. 

 

  1. Once FortiGate is being undeployed from FortiGate Cloud, the FortiGate Cloud administrator and authorized user will not be able to see the respective device on the asset page. The asset page would show only devices that are deployed under the respective account:

 

Picture1.png

 

From the respective asset page, it will not be possible to view the undeployed FortiGate and hence will not be able to view the historical logs.

Scope FortiGate Cloud.
Solution

The undeployed FortiGate can be viewed by toggling the view of 'RMA'd and Undeployed' feature to enable:

  1.  From the asset screen, select 'Options' and toggle 'RMA'd and Undeployed' to enable:

 

Picture2.png

 

  1. Once enabled, it will be possible to view the undeployed FortiGate from the asset page:

 

Picture3.png

 

  1. To access the historical logs, select 'Device View' of the device:

 

Picture4.png

 

  1. Once in the respective device view, it will be possible to view the logs that are saved in FortiGate Cloud:

 

Screenshot_1.png

 

Note:

For a free FortiGate Cloud account, log retention is only 7 days, while the FortiGate Cloud Premium account will have a log retention of a year. Logs that exceed the log retention date will be deleted from FortiGate Cloud.

Hence,  the device was undeployed 14 days ago, and having a free FortiGate Cloud account, the logs would be empty despite enabling this feature. 

Contributors