Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cos
New Contributor

Fortianalyzer not showing logs

Hello,

 

We have 4 fortigates which are configured to send all the logs to the FortiAnalyzer. The point is that we dont see any logs in "fortiview and log view", but the device is receiving logs. Its stuck like loading the information.

We also can not see the logs in the fortigate configuring the FortiAnalyzer like source.

Whats happening with the logs???

 

I attached a screenshot about that we see in fortiview.

 

thanks,

regards,

Jesus

23 REPLIES 23
scao_FTNT
Staff
Staff

Hi, Jesus, in your pic, if you click left tree bottom log view, what is displayed? and for that log view, left tree has a "Log Browse" link which is for device raw log files, can you also help do a check for that?

 

thanks

 

Simon

cos
New Contributor

Sorry, i tried using chrome and i can see verything. I think my client was using another browser.

 

this could be caused for any browser or something??? any uncompatibility for any browser known??

 

thanks

cos
New Contributor

Hi, my client update me about this problem. ITs different behaviour.

 

This problem we have with the fortiazalyzer have been happening since I installed it and we didnt pay a lot of attention because we thought it was a blip, but we see this again and we dont know why; yesterday when I walked into the web console FAand . No logs showed none of the FG that we have set. Also going into the FGates could see nothing, as they are configured to send the FA real time and in turn show the logs that are in the FA.

This was well throughout the morning until after about three hours (more or less) finally appeared the logs in both FA and FG. From there, all right. Even today also continues to work well. The problem occurs when we are a long period of time (do not know tell you how) without access logs, or through FG or directly from FA.

Another symptom that something is wrong with the BB.DD. Internal FA is that there is a report that is released monthly and that most often gets stuck with the bar "in process" to mean. Yes it does well if just one day before the start of the report, we have the FA showing logs.

 

 

Any advices or what it could be happening????

cos
New Contributor

The performance is working low.....

 

FORTIANALYZER:

FAZ2000B $ get system performance CPU: Used: 2.1% Used(Excluded NICE): 2.1% CPU_num: 4. CPU[0] usage: 0.99% Usage: %user %nice %sys %idle %iowait %irq %softirq 0.46 0.00 0.40 99.01 0.00 0.00 0.13 CPU[1] usage: 3.23% Usage: %user %nice %sys %idle %iowait %irq %softirq 2.96 0.00 0.26 96.77 0.00 0.00 0.00 CPU[2] usage: 0.20% Usage: %user %nice %sys %idle %iowait %irq %softirq 0.13 0.00 0.07 99.80 0.00 0.00 0.00 CPU[3] usage: 0.66% Usage: %user %nice %sys %idle %iowait %irq %softirq 0.00 0.00 0.33 99.34 0.33 0.00 0.00 Memory: Total: 14,378,716 KB Used: 1,619,852 KB 11.3% Hard Disk: Total: 1,922,329,396 KB Used: 899,656,632 KB 46.8% Flash Disk: Total: 253,871 KB Used: 61,903 KB 24.4%

------------------------------------

FORTIGATE  $ get system performance status CPU states: 0% user 1% system 0% nice 99% idle CPU0 states: 0% user 2% system 0% nice 98% idle CPU1 states: 0% user 2% system 0% nice 98% idle CPU2 states: 0% user 1% system 0% nice 99% idle CPU3 states: 0% user 0% system 0% nice 100% idle Memory states: 31% used Average network usage: 80203 kbps in 1 minute, 84295 kbps in 10 minutes, 85175 kbps in 30 minutes Average sessions: 28455 sessions in 1 minute, 27521 sessions in 10 minutes, 29024 sessions in 30 minutes Average session setup rate: 150 sessions per second in last 1 minute, 168 sessions per second in last 10 minutes, 174 sessions per second in last 30 minutes Virus caught: 0 total in 1 minute IPS attacks blocked: 0 total in 1 minute Uptime: 280 days, 5 hours, 23 minutes

 

cos
New Contributor

The performance is working low.....   FORTIANALYZER: FAZ2000B $ get system performance CPU: Used: 2.1% Used(Excluded NICE): 2.1% CPU_num: 4. CPU[0] usage: 0.99% Usage: %user %nice %sys %idle %iowait %irq %softirq 0.46 0.00 0.40 99.01 0.00 0.00 0.13 CPU[1] usage: 3.23% Usage: %user %nice %sys %idle %iowait %irq %softirq 2.96 0.00 0.26 96.77 0.00 0.00 0.00 CPU[2] usage: 0.20% Usage: %user %nice %sys %idle %iowait %irq %softirq 0.13 0.00 0.07 99.80 0.00 0.00 0.00 CPU[3] usage: 0.66% Usage: %user %nice %sys %idle %iowait %irq %softirq 0.00 0.00 0.33 99.34 0.33 0.00 0.00 Memory: Total: 14,378,716 KB Used: 1,619,852 KB 11.3% Hard Disk: Total: 1,922,329,396 KB Used: 899,656,632 KB 46.8% Flash Disk: Total: 253,871 KB Used: 61,903 KB 24.4% ------------------------------------ FORTIGATE  $ get system performance status CPU states: 0% user 1% system 0% nice 99% idle CPU0 states: 0% user 2% system 0% nice 98% idle CPU1 states: 0% user 2% system 0% nice 98% idle CPU2 states: 0% user 1% system 0% nice 99% idle CPU3 states: 0% user 0% system 0% nice 100% idle Memory states: 31% used Average network usage: 80203 kbps in 1 minute, 84295 kbps in 10 minutes, 85175 kbps in 30 minutes Average sessions: 28455 sessions in 1 minute, 27521 sessions in 10 minutes, 29024 sessions in 30 minutes Average session setup rate: 150 sessions per second in last 1 minute, 168 sessions per second in last 10 minutes, 174 sessions per second in last 30 minutes Virus caught: 0 total in 1 minute IPS attacks blocked: 0 total in 1 minute Uptime: 280 days, 5 hours, 23 minutes  

scao_FTNT
Staff
Staff

For supported Browser, FMG/FAZ support IE11, FireFox35 (current latest version) and Chrome40 (current latest version)

 

Thanks

 

Simon

Genesis
New Contributor

are there any resource that is running high -- CPU or Mem?

L_FTNT
Staff
Staff

It would be helpful that you provide the firmware versions on the FGTs and also firmware versions on FAZ?

Were the FAZ and FGTs upgraded recently? If so, from which version to which version?

 

cos
New Contributor

FORTIANALYZER

Firmware Version v5.0.7-build0321 140627 (GA)

FORTIGATE

Firmware Version v5.0,build3608 (GA Patch 7)

Labels
Top Kudoed Authors