DescriptionThis KB article describes, why a FortiManager unit may display a difference between the FortiManager web filtering database version and the FortiGuard Distribution Network web filtering database version.SolutionThe FortiManager unit downloads the latest web filtering delta db packages every 10 minutes. However, a new db is only re-created (merged) by default every 6 hours. The merging process is a very disk intensive. Therefore, the FortiManager web filtering version that you see displayed with CLI commands is the last one that was merged. You can configure this value down to a minimum of every 2 hours, but that is the lowest possible value for this interval, by design. Some difference between the FortiManager and FortiGuard Distribution Network servers web filtering db versions is therefore normal by design, and to be expected.
To configure a more frequent interval, use these CLI commands:
conf fmupdate web-spam fgd-setting
set update-interval 2
end
FortiManager software will use the delta file received only after the database is fully recreated, and not before.
As a result, there will be a time difference compared to the FortiGuard network of "N" hours, where "N" is the value specified in the command "conf fmupdate web-spam fgd-setting" > "set update-interval N").
The CLI command to query the FortiManager local database is:
diag fmupdate fgd-url-rating <FortigateSerialNumber> 4 <URL to query>
