Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Can I Import raw log from fortiGate to FortiAnalyzer



I have had a FortiGate that is not connected to FortiAnalyzer. The FortiGate had local storage and the local report had many limitations. I want to generate a security report of the IPS log. Can I export raw IPS log from FortiGate and Import it to FortiAnalyzer and generate a report from this log?


Thank you.

Esteemed Contributor III

On the FGT there are the "exec log backup" and "exec log raw-backup" commands in CLI. You can transfer those files via ftp or tftp.


On the FAZ, you will first have to create the device (the FGT), then you go to "Log View", "Log Browse", "Import". There is a detailed description in the FortiAnalyzer Admin Guide/Log View/Log Browse section.

You will have to be aware of the retainment period on the FAZ, and probably have to start the SQL insertion process manually. Again, Admin Guide.


"Kernel panic: Aiee, killing interrupt handler!"

Hi @ede_pfau ,


Thank you for the step. The CLI "exec log backup" and "exec log raw-backup" can export only all logs right? Can I specify only the IPS log? My firewall had the log size in the local storage of about 60-70GB. I think It will take a long time to transfer.


Thank you.