Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kilgotrout
New Contributor

Analytics Usage Information

Hello,

 

FortiAnalyzer 6.2.1 is showing that my analytics usage for a particular ADOM is 70GB right now and goes back 14 days. From the GUI under Storage Info, I can see one device in the ADOM is using 52.1 GB.

 

What are some commands to get a further breakdown of the device's usage?

 

Based on the log graph on the FortiGate itself, it doesn't show it has sent that amount of data in the last 14 days, so I feel like the SQL database is reporting wrong information or has some old tables stuck in it from a previous firmware.

2 REPLIES 2
abelio
Valued Contributor

Hi

 

# diagnose log  device 

to see all

 

if you can filter by device ID or ADOM, add:

<device-id> | adom   

regards




/ Abel

regards / Abel
kilgotrout

Hey Abelio,

 

Thanks for taking the time to respond. I already tried "diag log device", but it doesn't give you the information I am looking for.

 

The breakdown of the specific device only shows archived log information, not analytics:

 

FAZVM64 # diag log device
Device Name Device ID Used Space(logs / quarantine / content / IPS) Allocated Space Used%
FGT-Kilgo FGHAxxx_CID 20.1GB( 20.1GB/ 0.0KB/ 0.0KB/ 0.0KB) unlimited n/a

 

The breakdown of the ADOM does show the analytics usage as the "database" side, but it doesn't break down what is using that data.

 

AdomName AdomOID Type Logs Database
 [Retention Quota UsedSpace(logs / quarantine / content / IPS) Used%]  [Retention Quota Used Used%]
KilgoADOM 1488 FGT 365days 45.0GB 28.7GB( 28.7GB/ 0.0KB/ 0.0KB/ 0.0KB) 63.8% 60days 105.0GB 76.6GB 72.9%

 

I can see the breakdown by device in the GUI, but I want to know more specifics about what analytics data is causing the 55.3GB of utilization. Is it traffic logs, event logs, or what?

 

 

 

The analytics says 15 days used, but this device has not sent 50GB of logs in the last 15 days to the FortiAnalyzer, according to the graph on the FortiGate at least.

 

Labels
Top Kudoed Authors