nicko1
New Contributor

Forticloud Log Analysis

Hello, 

 

What is the best solution to interpret / analyze logs downloaded from FortiCloud? The customer does not have FAZ currently and we have a need to interpret months of traffic logs.

 

Can we import historical logs from FortiCloud to FortiAnalyzer Cloud?

 

Will a local version of FAZ be able to interpret the logs downloaded from FortiCloud?

 

The web filter works great but the limitation of exporting 1000 records is not enough. 

 

Thanks

Jean-Philippe_P
Moderator

Hello nicko1!

 

Thank you for posting on the Fortinet Community Forum.

 

I have found this documentation that may help you:

 

https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/189021/logging-traffic-with-fortigate-cl...

 

https://docs.fortinet.com/document/fortianalyzer/6.4.5/administration-guide/982164/importing-a-log-f....

 

Can you tell me if it helps or if you need more pieces of information, please?

 

Kindest regards,

Jean-Philippe - Fortinet Community Team
nicko1
New Contributor

Thanks Jean, to confirm, the device logs can be downloaded from FortiCloud and imported into FAZ?
Is there a way to do this in FAZ Cloud?

Jean-Philippe_P

Hello again!

 

Yes, that's what is said in the guide!

For your other question, you will find help there:

 

https://docs.fortinet.com/document/fortianalyzer/6.4.5/administration-guide/34362/upload-logs-to-clo...

 

Is everything sorted out for you?

 

Kindest regards,

Jean-Philippe - Fortinet Community Team
nicko1
New Contributor

Thanks Jean, my question is: can I upload / transfer log files from FortiCloud to FortiAnalyzer in FortiCloud (https://fortianalyzer.forticloud.com/)?
We are already logging to cloud but want to upload or transfer historical logs to the FAZ Cloud service to obtain further granularity.

Jean-Philippe_P

Hello nicko1,

 

You will have instructions with these documents:

 

https://docs.fortinet.com/document/fortigate/7.2.0/administration-guide/604952/sending-traffic-logs-...

 

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/658c8641-f465-11ea-96b9-005056...

 

Does that answer your question?

 

Kindest regards,

Jean-Philippe - Fortinet Community Team
nicko1
New Contributor

No sorry, I need to know if historical logs can be uploaded to the FAZ Cloud. No mention of historical logs in the documents you provided.

Jean-Philippe_P

Hello Nicko1,

 

I asked one of our engineers and he answered me that, unfortunately, you cannot import logs from devices that are not already logging into FAZ cloud.

 

Kindest regards,

Jean-Philippe - Fortinet Community Team
nicko1
New Contributor

Thank you, we have also tried to download and import to an on-prem FAZ but it appears the FortiCloud log format is not correct for on-prem FAZ.

Could you confirm that the FortiCloud logs cannot be imported to on-prem FAZ or FortiCloud FAZ? Does Fortinet have any other suggestions on how to parse the logs that are uploaded to FortiCloud? The FortiCloud web tool only provides 1000 entries, which is not enough.

 
