Hi,
I've tried and tried and don't seem to be able to fix this problem I have with FA.
I have a setup with Fortigate 61F + EMS + Fortianalyzer. All V7.0.3.
Security fabric is enable with FG unit as fabric root and all looks ok, but... although in the FA "Log View" I can see the FG logs that have been stored for the last few months, in the FotiView most log categories (such as all in Traffic f. ex.) are empty with a "This chart requires following Log to be enabled: (log name)", and the ones who don't show the warnig are empty as well.
In the FG unit log settings I have sending logs to FA enabled, status connected, upload realtime... oddly Storage/Analytics /Archive usage show "0%". In "Logs Sent to FortiAnalyzer Daily" bellow, I have ~1GB daily.
I've reviewed everything and I feel lost at this point...What have I missed?..
Thanks in advance,
Hi,
In the Fortigate do you have a policy with Application Control Security Profile enabled? This is needed to show Applications under FortiView in FAZ.
Hi JPratt,
Thank you for your reply,
I have several Application Sensors under “Security control > Application control”. The one I use is set to monitor all categories.
I have that profile enabled in our Proxy Policy and in most of our Firewall Policies.
Although the FAZ logs virtual disk has ~300GB of used space, and it's running since february (meaning it's collecting the logs), Fortiview has most of the categories greyed out. When I hover the mouse over, lets say "Traffic > Top Sources" it says "This chart requires following Log to be enabled: Traffic".
Do you have any idea of what else I should check?
Thanks in advance,
Cheers,
May be related to SQL database
Hope the following link can help you.
Hi Zhuo,
Thank you for your reply,
For what I read the problems with the SQL DB come from updating FAZ.
I've never updated it and the issue is there since I first installed back in February.
Thanks,
Cheers,
Did you ever get this fixed?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.