How exactly do we look at the historical logs in FortiAnalyzer? Although 720 days of logs are selected, it shows a maximum of 400 days, what could be the reason for this?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @rcpdkc
How are the retention values defined in Fortianalyzer ? This article might help.
regards,
Sheikh
When I look at the picture below, it will remain in the device memory for 720 days and when it comes to the top, it will archive, is this information correct?
In FortiAnalyzer (FAZ), below are the two key log types.
When viewing the Storage Info based on your screenshot, the 720 days is the number of days worth of Archive logs that you have configured in the ADOM Data Policy. This means that you have configured FAZ to keep 720 days worth of archive logs, assuming there is sufficient disk storage in the ADOM.
To better understand Archive & Analytics logs, you may refer to below doc link.
Also, when I look at this picture, no files will be deleted because there are no adjustments. Is that correct?
Yes, you have not configured for automatic log deletion. Hence, FAZ will not proceed to delete logs automatically.
However, log deletion will still happen based on the automatic deletion policies as defined in below doc link.
https://docs.fortinet.com/document/fortianalyzer/7.2.5/administration-guide/87802/automatic-deletion
Hi @rcpdkc ,
I would suggest to add more space, but as you already have 14TB in use in some version its possible to hit the 16TB max.
Try to upgrade to the latest and then to expand the space with 5-10 TB above.
Don't forget to use the backup and the upgrade path!!!
https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-Backup-and-restore-of-FortiAnalyzer-se...
https://docs.fortinet.com/document/fortianalyzer/7.4.3/administration-guide/743670/configuring-log-s...
https://docs.fortinet.com/upgrade-tool/fortianalyzer
Best,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1522 | |
1020 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.