Help
FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduce alert fatigue, context switching, and the mean time to respond to incidents.
sramanujam
Staff
Staff

Created on ‎09-22-2024 10:25 PM

Article Id 342923

Troubleshooting Tip: How to Resolve Audit Log Deletion Errors in FortiSOAR?

Description

This article describes how to resolve the Audit Log Cleanup error caused by Access Denied Permission issues.

 

CS-INTEGRATION-5: Error occurred while executing the connector action ERROR :: 403 Client Error: Forbidden for url: https://localhost/api/gateway/audit/activities/delete :: {'type': ''AccessDeniedException', 'message':'Access Denied.'} :: Url: https://localhost/api/gateway/audit/activities/delete
Scope FortiSOAR v7.x.
Solution

AssumptionsIn my lab instance, the csadmin user has scheduled the AuditLog Cleanup playbook. The Playbook Administrator role is assigned to the csadmin user.

 

Step 1: Go to Settings -> Users, identify the relevant user and their role.

Step 2: Go to Settings -> Roles, and select the Playbook Administrator role.

Step 3: Scroll down to the Audit Log Activities module and select the delete privileges.

 

2024-09-20 14_02_18-Playbook Administrator _ Roles _ Security and 2 more pages - Work - Microsoft​ E.png

 

Note:

User and role changes may vary between customer environments. Plan to adjust accordingly.

 

470
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.