Hello,
FortiAnalyzer 6.2.1 is showing that my analytics usage for a particular ADOM is 70GB right now and goes back 14 days. From the GUI under Storage Info, I can see one device in the ADOM is using 52.1 GB.
What are some commands to get a further breakdown of the device's usage?
Based on the log graph on the FortiGate itself, it doesn't show it has sent that amount of data in the last 14 days, so I feel like the SQL database is reporting wrong information or has some old tables stuck in it from a previous firmware.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
# diagnose log device
to see all
if you can filter by device ID or ADOM, add:
<device-id> | adom
regards
/ Abel
Hey Abelio,
Thanks for taking the time to respond. I already tried "diag log device", but it doesn't give you the information I am looking for.
The breakdown of the specific device only shows archived log information, not analytics:
FAZVM64 # diag log device
Device Name Device ID Used Space(logs / quarantine / content / IPS) Allocated Space Used%
FGT-Kilgo FGHAxxx_CID 20.1GB( 20.1GB/ 0.0KB/ 0.0KB/ 0.0KB) unlimited n/a
The breakdown of the ADOM does show the analytics usage as the "database" side, but it doesn't break down what is using that data.
AdomName AdomOID Type Logs Database
[Retention Quota UsedSpace(logs / quarantine / content / IPS) Used%] [Retention Quota Used Used%]
KilgoADOM 1488 FGT 365days 45.0GB 28.7GB( 28.7GB/ 0.0KB/ 0.0KB/ 0.0KB) 63.8% 60days 105.0GB 76.6GB 72.9%
I can see the breakdown by device in the GUI, but I want to know more specifics about what analytics data is causing the 55.3GB of utilization. Is it traffic logs, event logs, or what?
The analytics says 15 days used, but this device has not sent 50GB of logs in the last 15 days to the FortiAnalyzer, according to the graph on the FortiGate at least.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.