Hi,
I've set the Data Policy for my root ADOM to 120 days for Analytic logs. All my Fortigates are in that ADOM. However, when I view the logs, there are only logs available for the last 61 days. It never exceeds 61 days plus a few hours, even though the ADOM root has 40 % of unused storage. The analytic / archive ratio is set to 75 / 25. Do you know what I'm doing wrong? I'd expect it to fill the storage until it's full or the data policy is met but it doesn't do any of that.
I also tried rebuilding the SQL DB. It seemed to be working at first, since logs for analytics reached 61 and 20 hours but after 00:00, it reset itself to 61 days and 0 hours. After the rebuild it freed up some space and ADOM root now even has 55 % of unused storage but is stil not logging according to the policy.
Thanks in advance
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi ,
Please check and review the settings below :
Go to system settings > Advanced > Device log settings > and make sure that in Automatically delete section , the number of days chosen there are more than 61 days
Hi ,
Please check and review the settings below :
Go to system settings > Advanced > Device log settings > and make sure that in Automatically delete section , the number of days chosen there are more than 61 days
Thanks, it was actually set to 60 days.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.