I am trying to view Audit logs for users in FortiManager 7.4.2 like which user installed a policy or changed an object.
where can i find these ? Do i need to enable any setting for this ?
i tried to check in system settings-> events logs but that section is empty ..only when i select real time in top right i can see any logs there.. is this expected ? or is it a bug in 7.4.2
Thanks
I have 7.2.2 and I can see the logs (System Settings-> Events Log), e.g.: when I select "Last 1 Hour" the logs are displayed correctly.
This was the default setting and nothing has been changed for that.
i m not sure if its a problem with the version ..i m on 7.4.2 and i think it worked fine when i was on 7.4.1
Hi @lostboy10
I would suggest to review the following article:
https://community.fortinet.com/t5/FortiManager/Technical-Tip-FortiManager-FortiAnalyzer-local-event-...
Also, for the local log :
faz.example.com # config system locallog disk setting
(setting)# get
path=system.locallog.disk, objname=setting, tablename=(null), size=336
status : enable
severity : debug <--- All possible events to be saved
upload : disable
server-type : FTP
max-log-file-size : 100
max-log-file-num : 10000
roll-schedule : none
diskfull : overwrite
log-disk-full-percentage: 80
log-disk-quota : 1
Please review that you had enough disk space.
Best,
Thanks..i verifed this and disk space looks fine
Check if logging is properly configured on your FortiManager device. Ensure that the appropriate log settings are enabled to capture user activities in gb insta.
Where do i see that ? i am not sure but is it a kknown problem with forti OS 7.4.2 ?
Hi @lostboy10 ,
Do FortiAnalyzer features enabled? You may proceed to perform database rebuild by below command to see it able to rectify the issue.
# execute sql-local rebuild-db
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.