Hi,I have configured a ZTNA setup using FortiGate and FortiClient EMS
integrated with Azure AD SAML for one domain (e.g., user@abc.com)
(server A) I have now added a second FortiGate to the same
FortiClient/EMS environment, but it requires authentica...
I also using 7.4 FAZ, it work until now. You need to check at the first
step that FAZ generate the log with "Did not receive any log from device
XXX in past X minutes"
What do you mean by not generating event correctly? It match your
situation when FG loses connection to FAZ via VPN connection, it also
avoids false alert if tunnel up/down continuously.
In that case, you can configure the FAZ alert if not recieve log from FG
after x
minutes.https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-Creating-alerts-when-FortiAnalyzer-stops-receiving/ta-p/195250
