Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sandyzzz
New Contributor

Created on ‎02-19-2025 08:04 AM

FortiAnalyzer - Archive logs Exceeded actual configured days

Fortianalyzer running on v7.2.9 facing issue related to logs are not being deleted.

IN the Data policy - Keep Logs for Analytics is 60 days & Keep Logs for Archive is 365 DAys. I have enable auto deletion under file management - delete file older than 365 days. but in the storage info, i see in the Archive(actual/config days) - 683/365 days... As per the config it should delete the archive logs older than 365 days but it didnt instead showing 683 days.. if i check in the log browse, it shows only last 3 months of archive data... 

 

please guide me on this - How to delete the archive logs older than 365 days and why the automatic deletion not working... FortiAnalyzer 

 

PFAfaz 12.pngFAZ-11.png

Sandyzzz
Sandyzzz
Labels:
743
0 Kudos
2 REPLIES 2
Stephen_G
Moderator
Moderator

Created on ‎02-23-2025 04:56 AM

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Stephen - Fortinet Community Team
715
0 Kudos
Stephen_G
Moderator
Moderator

Created on ‎02-26-2025 03:16 PM

Hi sandyzzz,

 

Please let me know if these steps help any:

1. Verify Data Policy Settings:

- Ensure that the data policy settings are correctly configured. You mentioned that the "Keep Logs for Archive" is set to 365 days. Double-check this setting to confirm it is applied correctly.

2. Check File Management Settings:

- Confirm that the automatic deletion settings under File Management are correctly configured to delete files older than 365 days. Ensure that the time period and time of day settings are correctly set.

3. Review Disk Utilization Settings:

- Check the disk utilization settings to ensure that the allocated disk space and the alert and delete thresholds are configured correctly. This can affect when logs are deleted based on disk space usage. 4. Manual Deletion:

- If automatic deletion is not functioning as expected, consider manually deleting the older archive logs. This can be done through the FortiAnalyzer interface by navigating to the log storage section and selecting the logs to delete.

5. Check for Software Updates:

- Ensure that your FortiAnalyzer is running the latest version of the software. Sometimes, issues are resolved in newer versions, so consider updating to the latest version if possible.

6. Review System Logs:

- Check the system logs for any errors or warnings related to log deletion. This might provide insights into why the automatic deletion is not working.

7. Contact Support:

- If the issue persists after following these steps, consider reaching out to Fortinet Support for further assistance. We can provide more detailed troubleshooting based on your specific configuration and environment.

Stephen - Fortinet Community Team
673
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.