Fortianalyzer | Fortiview is empty
Hi,
I've tried and tried and don't seem to be able to fix this problem I have with FA.
I have a setup with Fortigate 61F + EMS + Fortianalyzer. All V7.0.3.
Security fabric is enabled with the FG unit as fabric root and all looks OK, but... although in the FA "Log View" I can see the FG logs that have been stored for the last few months, in FortiView most log categories (such as all in Traffic, for example) are empty with a "This chart requires following Log to be enabled: (log name)", and the ones that don't show the warning are empty as well.
In the FG unit log settings I have sending logs to FA enabled, status connected, upload realtime... oddly Storage/Analytics/Archive usage show "0%". In "Logs Sent to FortiAnalyzer Daily" below, I have ~1GB daily.
I've reviewed everything and I feel lost at this point... What have I missed?
Thanks in advance,

Created on ‎05-08-2022 08:58 PM
Hello Previgarb,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Fortinet Community Team
Hi Team,
Please let us know if you are able to see logs under Logs and Reports >> Forward Traffic.
Also, please share with us the below logs for further analysis:
get sys performance status
diag sys top (press ctrl+c after getting three outputs)
diag debug application miglogd -1
diag debug enable
Wait for five mins, once the logs are generated please disable the debug by executing this command "diag debug disable"
Hi,
Thank you for your reply,
I can view the logs when, in "LogLocation" I select either "Disk" or "FG Cloud". If I select "FortiAnalyzer" it comes out empty.
get sys performance status
CPU states: 2% user 0% system 0% nice 98% idle 0% iowait 0% irq 0% softirq
CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU1 states: 8% user 0% system 0% nice 92% idle 0% iowait 0% irq 0% softirq
CPU2 states: 3% user 0% system 0% nice 97% idle 0% iowait 0% irq 0% softirq
CPU3 states: 3% user 0% system 0% nice 97% idle 0% iowait 0% irq 0% softirq
CPU4 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU5 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU6 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU7 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
Memory: 1964668k total, 1227508k used (62.5%), 444600k free (22.6%), 292560k freeable (14.9%)
Average network usage: 16588 / 16771 kbps in 1 minute, 13724 / 13874 kbps in 10 minutes, 13326 / 13512 kbps in 30 minutes
Average sessions: 2284 sessions in 1 minute, 1806 sessions in 10 minutes, 1803 sessions in 30 minutes
Average session setup rate: 14 sessions per second in last 1 minute, 13 sessions per second in last 10 minutes, 13 sessions per second in last 30 minutes
Average NPU sessions: 279 sessions in last 1 minute, 230 sessions in last 10 minutes, 215 sessions in last 30 minutes
Average nTurbo sessions: 20 sessions in last 1 minute, 18 sessions in last 10 minutes, 18 sessions in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 0 days, 6 hours, 12 minutes
diag sys top
Run Time: 0 days, 6 hours and 13 minutes
0U, 0N, 0S, 100I, 0WA, 0HI, 0SI, 0ST; 1918T, 426F
node 174 S 2.4 2.7 1
ipsengine 300 S < 0.4 3.7 7
ipsengine 298 S < 0.4 3.7 5
wad 254 S 0.4 3.1 0
sslvpnd 260 S 0.4 1.2 2
wad 250 S 0.4 0.3 0
ipsengine 299 S < 0.0 3.7 6
wad 253 S 0.0 3.3 1
wad 251 S 0.0 3.0 1
wad 255 S 0.0 2.6 0
ipshelper 187 S < 0.0 2.4 1
cmdbsvr 141 S 0.0 2.3 3
scanunitd 200 S < 0.0 1.9 2
miglogd 282 S 0.0 1.8 0
miglogd 193 S 0.0 1.8 1
extenderd 239 S 0.0 1.5 6
sslvpnd 195 S 0.0 1.4 6
fcnacd 191 S 0.0 1.3 6
cw_acd 229 S 0.0 1.3 3
csfd 240 S 0.0 1.2 1
diag debug enable
https://pastebin.com/taUBhDDS - Can't paste it here because it exceeds the character limit.
Thanks,
Kindly get us the output of these two commands:
diag test application miglogd 20
diag test application miglogd 6
diag debug crashlog read
diag sniffer packet any 'host a.b.c.d' 4 0 a (where a.b.c.d is the FortiAnalyzer IP address)
Once you run the sniffer, we will be able to know whether the firewall is sending packets to the FortiAnalyzer or not.
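The sniffer check requested in the post above, as an added example that is not part of the thread or of Fortinet's tooling: a Python script that reads saved sniffer output and reports whether packets leave for the FortiAnalyzer and whether anything comes back. The line layout, TCP port 514 as the log port, and every address are assumptions, and the sample capture is constructed.

```python
import re
from collections import Counter

# Constructed capture in the layout assumed for verbosity 4 with absolute
# timestamps ('a'); all addresses are documentation-range placeholders.
SAMPLE = """\
interfaces=[any]
filters=[host 198.51.100.10]
2022-05-09 10:15:01.100000 wan1 out 192.0.2.1.7682 -> 198.51.100.10.514: syn 1000
2022-05-09 10:15:01.120000 wan1 in 198.51.100.10.514 -> 192.0.2.1.7682: syn 5000 ack 1001
2022-05-09 10:15:01.120100 wan1 out 192.0.2.1.7682 -> 198.51.100.10.514: ack 5001
2022-05-09 10:15:01.200000 wan1 out 192.0.2.1.7682 -> 198.51.100.10.514: psh 1001 ack 5001
2022-05-09 10:15:01.220000 wan1 in 198.51.100.10.514 -> 192.0.2.1.7682: ack 1201
"""

PACKET = re.compile(
    r"^\S+ \S+ \S+ (?:in|out) "
    r"(?P<src>[\d.]+)\.(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+)\.(?P<dport>\d+): (?P<flags>.*)$"
)

def summarize(capture, faz_ip, log_port=514):
    """Count packets per direction and classify the FortiGate-to-FAZ path."""
    c = Counter(to_faz=0, from_faz=0, data_sent=0, rst_from_faz=0)
    for line in capture.splitlines():
        m = PACKET.match(line.strip())
        if not m:
            continue  # header lines and anything without ip.port pairs
        flags = m["flags"].split()
        if m["dst"] == faz_ip and int(m["dport"]) == log_port:
            c["to_faz"] += 1
            c["data_sent"] += "psh" in flags
        elif m["src"] == faz_ip and int(m["sport"]) == log_port:
            c["from_faz"] += 1
            c["rst_from_faz"] += "rst" in flags
    if c["to_faz"] == 0:
        verdict = "nothing_sent"   # FortiGate is not transmitting logs
    elif c["from_faz"] == 0:
        verdict = "no_reply"       # packets leave but nothing comes back
    elif c["rst_from_faz"]:
        verdict = "reset_by_faz"   # FortiAnalyzer resets the connection
    elif c["data_sent"] == 0:
        verdict = "no_payload"     # TCP session exists, no log data in it
    else:
        verdict = "delivered"      # data sent and answered: look at the FAZ side
    return dict(c, verdict=verdict)

if __name__ == "__main__":
    print(summarize(SAMPLE, "198.51.100.10"))
```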
bump
Hello
Has the problem been resolved?
