Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
adeboer
New Contributor

Forwarding all logs to a FAZ that is unavailable

If I have disk logging disabled and I'm forwarding all logs to a FAZ that is unavailable, what is the negative effect on a FortiGate that has 100s or 1000s of logs building up in the queue? Will this potentially cause memory issues?

 

Thanks!

1 Solution
brazz_FTNT
Staff
Staff

Hello,

 

FGT has some limited buffer size to queue the logs;however, eventually, the older logs will be dropped. 

Thanks

 

 

View solution in original post

3 REPLIES 3
brazz_FTNT
Staff
Staff

Hello,

 

FGT has some limited buffer size to queue the logs;however, eventually, the older logs will be dropped. 

Thanks

 

 

adeboer

Appreciate the reply, thanks!

emnoc
Esteemed Contributor III

This is why it's critical to have two log targets. If your using log memory you can controlling the setting but typically by default it's to overwrite. Don't worry about the fortigate failing due to lost connection or FAZ not available.

 

Ken Felix

PCNSE 

NSE 

StrongSwan