Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Stuart_Kendrick
New Contributor

Download a month of logs at a time

Under Log View... Log Browse... I can see how to download past logs in ~55MB chunks, which tend to cover 5-10 minute chunks of time.  I can see how to select one at a time.  Or even a screenful at a time.  When I choose Download, I then must confirm, in my browser UI, each file's download, serially.

 

I am tasked with downloading the last 4-6 months of logs, in CSV format.

 

That would be a lot of clicking ... on the order of 15,000 ... 30,000 clicks.  Actually, twice that, because it takes ~2 clicks to download each file.

 

Is there a more efficient way of downloading lots of logs?  Is it possible to ask the GUI to consolidate an entire month's worth of logs (in CSV format) into a single .gz file?

 

I have figured out how to acquire BASH access to the FAZ ... and I have found an archive of logs in /Storage/Logs/{serial #}/root/archive/{string of digits}   ... this must be the native log archive ... but I don't see a way to ship these off the box, via sftp (I am unable to sftp out nor to sftp in).  And in any case, I don't want them in Native format; rather, I want them in CSV format

 

What are my options, for extracting logs off the FAZ in a large-scale way?

 

--sk

Stuart Kendrick

3 REPLIES 3
abelio
Valued Contributor

Hi

one option:  using CLI and FTP/SFTP server anywhere:

 

execute backup logs-only <device name(s)> {ftp | scp | sftp} <ip> <username> <passwd> <directory> [vdlist]

 

There's also the option:  execute backup logs ....

but that option backup the device logs and the content archives too. Your choice

 

 

regards




/ Abel

regards / Abel
Stuart_Kendrick

How might I then convert these from Native format to CSV format?

 

--sk

abelio

Nice question ...

 

Maybe attempting with another approach: forcing rolling of logs when size exceeds some value, 55MB in your case apparently

and with CLI:

config system log settings

  config rolling-regular      set upload enable      set log-format csv end

 

 

regards




/ Abel

regards / Abel
Labels
Top Kudoed Authors