Suddenly last week I lost logs from one of our firewalls (200F) in the Fortinet Cloud views. I can view the logs stored on local memory and the cloud logs of other firewalls in the security fabric in FortiView still, and the log settings show data still being uploaded to Fortinet Cloud. We're on a free plan, so I'm not sure what my options are for verifying on the cloud side that the logs are there.
I have a ticket in, but support has been less than active on it. So far my only instructions have been to restart the logging service with
fnsysctl killall miglogd
which hasn't had any visible effect.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Large full backups were running to the cloud. As far as I can tell the only service that had trouble in the whole company was forticloud logs. When my problem suddenly went away a coworker realized that it aligned with the backup jobs finally completing after several days.
Hi @nwt,
Have you tried different browsers? Are you able to view logs in the CLI? Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-Displaying-logs-via-FortiGate-s-CLI/ta-p/1...
Please also make sure FortiGate is able to reach FortiCloud. Otherwise, it won't be able to retrieve logs from FortiCloud.
Regards,
Created on 05-16-2024 11:28 AM Edited on 05-16-2024 11:29 AM
Different browsers: Yes, no joy. Plus, other firewalls in the security fabric have their logs showing up fine in here, just not this one.
CLI: No. 0 found 0 returned
Reach FortiCloud: Testing connection to FortiCloud is successful, I already tried increasing the timeout as well.
@nwt,
If you login to FortiGate Cloud, are you able to see logs of the problematic FortiGate?
Regards,
I can see that there are logs, but I'm not sure that I can see the logs themselves on the free plan? Is there a good way for me to do so?
I think I've had a breakthrough. I happened to be checking the web filter logs and noticed that I was looking at cloud logs. I went to application logs and nothing loaded, then I went back to web filter and nothing loaded. I went to the Log Settings and hit the Test Connectivity button repeatedly and found that it goes to Unreachable for stretches at a time. I also found that hitting refresh 8-10 times on a log screen eventually loads logs. It looks like I'm having trouble staying connected to Forticloud.
@nwt,
I believe that's the issue. We need to check why connection to FortiCloud is not stable. I suggest opening a ticket with Fortinet TAC to further troubleshoot.
Regards,
Large full backups were running to the cloud. As far as I can tell the only service that had trouble in the whole company was forticloud logs. When my problem suddenly went away a coworker realized that it aligned with the backup jobs finally completing after several days.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.