We recently conducted an internal penetration test and the testing machine generated 20 times more messages on our analyzer. I have already deleted log files; however, is there a way to delete the messages generated by that PEN test machine from the analytic database? Thanks!
Hey ryeh028,
there is no way to delete entries from the analytic database directly.
The only way to remove those log messages is to first delete them from archive logs, and then rebuild the database:
-> this will discard the current database with the logs in question
-> the new database will be rebuilt based on archive logs (where the logs in question were already removed)
-> the new database should not contain the logs in question
KB on rebuilding a database: https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-FortiAnalyzer-SQL-database-delete-and-...
Thank you!
Randy
Copyright 2024 Fortinet, Inc. All Rights Reserved.