Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
joh2k
New Contributor II

Is it possible to automate certain logs removal?

Hello,

 

 

To meet our conformity requirements, our organization sends all FortiGate logs to a syslog server. However, approximately 90% of these logs have limited usefulness for security monitoring purposes. If we were to remove these logs from FortiGate/FortiAnalyzer, we would free up significant storage space for the valuable logs, resulting in improved traceability over time.

We are wondering if it is possible to implement distinct policies for log storage. Specifically, we would like to delete certain logs shortly after they have been forwarded to the syslog server.

 

Thank you

2 REPLIES 2
Johnharper
New Contributor III

Yes, it is possible to automate the removal of certain logs on Fortinet using scripts or automation tools. Fortinet provides APIs and CLI commands that can be used to automate various tasks, including log management.

For example, you can use the Fortinet FortiManager or FortiAnalyzer tools to automate log retention policies and purging of logs. You can also use scripting languages such as Python, PowerShell, or Bash to create custom scripts that can automate log removal based on specific criteria such as age, size, or severity.

joh2k
New Contributor II

Hello Johnharper,

Thanks for your answer. I am looking for log management in the reference manual, but i can't  find it.

Do you think you could help me find the details in the reference manual?

Thank you

Top Kudoed Authors