FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 283119

This article describes how to retrieve logs from undeployed FortiGate from FortiGate Cloud. 


  1. Once FortiGate is being undeployed from FortiGate Cloud, the FortiGate Cloud administrator and authorized user will not be able to see the respective device on the asset page. The asset page would show only devices that are deployed under the respective account:




From the respective asset page, it will not be possible to view the undeployed FortiGate and hence will not be able to view the historical logs.

Scope FortiGate Cloud.

The undeployed FortiGate can be viewed by toggling the view of 'RMA'd and Undeployed' feature to enable:

  1.  From the asset screen, select 'Options' and toggle 'RMA'd and Undeployed' to enable:




  1. Once enabled, it will be possible to view the undeployed FortiGate from the asset page:




  1. To access the historical logs, select 'Device View' of the device:




  1. Once in the respective device view, it will be possible to view the logs that are saved in FortiGate Cloud:





For a free FortiGate Cloud account, log retention is only 7 days, while the FortiGate Cloud Premium account will have a log retention of a year. Logs that exceed the log retention date will be deleted from FortiGate Cloud.

Hence,  the device was undeployed 14 days ago, and having a free FortiGate Cloud account, the logs would be empty despite enabling this feature.