FortiAnalyzer DNS logs No record found.

Ninja_03092 · ‎12-18-2024

Hello,

I am currently facing an issue with my FortiAnalyzer when trying to view DNS logs from my FortiGate. Specifically, when I navigate to the FortiView > Traffic > DNS Logs section in FortiAnalyzer and search for DNS activity, the result always shows "No record found", even though DNS traffic is expected to be logged.

Setup Details:

Configuration:
- FortiGate is configured to forward logs to FortiAnalyzer.
- Other logs (e.g., traffic logs, event logs) are appearing correctly in FortiAnalyzer.

dingjerry_FTNT · ‎12-18-2024

Hi @Ninja_03092 ,

First of all, make sure that there is DNS traffic passing through your FortiGate.

Secondly, please make sure that the firewall policy allowing this DNS traffic flow has Logging enabled.

Regards,

Jerry

Ninja_03092 · ‎12-18-2024

yes we have it

dingjerry_FTNT · ‎12-18-2024

Can you share the firewall policy configurations? And do you have any Hit Count for this firewall policy in the GUI?

Regards,

Jerry

ametkola · ‎12-29-2024

Hello @Ninja_03092 ,

Check if you can see any DNS logs recorded in Fortigate, Log&Report >> Security events >> DNS query.. If yes, you can check if the firewall policy enables logging.

Thank you.

ametkola

FortiAnalyzer DNS logs No record found.

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website