Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vkoodakandi
Staff
Staff

Created on ‎05-28-2021 05:34 AM Edited on ‎05-29-2025 06:43 AM By Moderator

Article Id 195404

Technical Tip: Unable to display Forward traffic logs

Description


This article describes the first workaround steps in case of unable to retrieve the Forward traffic logs or Event logs from the FortiCloud.
However, memory/disk logs can be fetched and displayed from GUI.

 

Scope

 

FortiGate.

Solution


Check internet connectivity and confirm it resolves hostname 'logctrl1.fortinet.com'.

 

execute ping logctrl1.fortinet.com
PING logctrl1.fortinet.com (208.91.113.103)

 

Validate FortiCloud log state.

 

V7.2.3 and below:

 

diagnose test application miglogd 20

 

V7.2.4 and above:

 

diagnose test application fgtlogd 20


Check the server status is 'UP'.

 

diagnose test application miglogd 20
Home log server:
    Address: 208.91.113.194:514, st: up
    oftp status: established
    spos: 521, slen: 521
    rpos: 24, rlen: 24
Alternative log server:
    Address: 208.91.113.101:514, st: unknown
    oftp connection haven't been established
Active log server:  HOME
 Number of log task:     0
Number of task in list: 0
Debug zone info:
    Server IP:      208.91.113.194
    Server port:    514
    Server status:  up
    Log quota:      102400MB
    Log used:       394MB
    Daily volume:   20480MB
    FDS arch pause: 0
    fams archive pause: 0
stats: total=610774, acked=610774, discard=0, rejected=0

 

The problem cause is because of connection timeout with the TCP connection during when logs are retrieved from FortiCloud. The same can be checked with the sniffers collected on FortiGate when we refresh the Traffic/Event log display page from GUI.

The problem solution is with increase in the connection time-out under FortiGuard settings:

 

config log fortiguard setting
(setting) # show full-configuration
config log fortiguard setting
    set status enable
    set upload-option realtime                                                                                
    set enc-algorithm high
    set source-ip 0.0.0.0
    set conn-timeout 60    <----- (Range is from 1 to 3600 in sec.
end

 

Increasing the timeout will keep the TCP connection towards the FortiCloud stable.
This will ensure that the logs from the FortiCloud are collected and displayed properly.

See Technical Tip: Security enforcement change for FortiGates provisioned to FortiGate Cloud without act... for more information about recent limitations on this feature.

 

Related article:

Troubleshooting Tip: FortiCloud connection failure

Labels:
5148
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.