Assuming the log is enabled, follow the below KB article:Technical Tip: How to enable traffic logs for version 7.0 and later

Problem Summary:

An issue was reported where  FortiWeb does not record any kind of log. 

Troubleshooting:

To further verify the issue, collect and attach the below-requested logs, and upload them to the Ticket:

diagnose debug crash logs show
get system status
fnsysctl ps
get system status
diagnose hardware logdisk info
diagnose system mount list
diagnose hardware harddisk list
diagnose debug application logd 7
diagnose debug enable

To disable the debug, execute below command:

diagnose debug di

or Workaround:

Run command 'diag sys top'<----- Ctrl+C to stop it from running.

Note down the process ID for logd process.

Then run the command:

diagnose sys kill 9 <process id of logd>

If this step does not solve the issue, rebuild the Database. Run the below CLI command for database rebuild:

execute db rebuild

This operation will clean and rebuild the database for disklog.

The proposed workaround involved rebuilding the log database to possibly resolve the issue:

• It is recommended to run this command during low peak hours. This is because the process recreates the log database.
  

Note:

Users facing similar log delay issues should consider rebuilding the log database, but should be aware of the potential high disk IO usage during the process and thus choose off-peak hours for the operation.

If FortiWeb has an HA configuration in HA mode, running 'execute db rebuild' on the master appliance will take effect on all slaves simultaneously.