Since implementing a Fortigate 60D with 5.2.3 a few weeks ago the system log shows an hourly entry reporting numbers of files dropped by quard (I've attached an example screenshot).
The entry provides no real information as to the cause, and I'm struggling to locate information online that indicates whether we should be concerned about this.
I've found reference to the quarantine daemon in the CLI manual and methods of debugging however I can't determine what options are available to use with the
diag test application quarantinedcommand and am concerned about running such commands blind in a production environment.
Can anyone offer some advice on the following:
1. How can I determine the reason for this behaviour?
2. Should I be concerned about this, or is it typical?
TIA
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Replying to myself in case anyone stumbles across this thread looking for the same information:
using
debug diagnose application quarantine -1I realised that the drops are files intended for FortiSandbox but unable to be uploaded as our daily limit (free version) was reached.
Rather a shame that the reason isn't logged in the System Event log as FortiCloud sandbox daily limit reached" or similar. Could have saved me some time at least.
Replying to myself in case anyone stumbles across this thread looking for the same information:
using
debug diagnose application quarantine -1I realised that the drops are files intended for FortiSandbox but unable to be uploaded as our daily limit (free version) was reached.
Rather a shame that the reason isn't logged in the System Event log as FortiCloud sandbox daily limit reached" or similar. Could have saved me some time at least.
Thanks, you just saved me some frustrating debugging.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.