FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
edgar1
Staff
Staff
Description
This article provides a possible solution for the situation where the event log on FortiAnalyzer displays the following message:

Unable to accept logs from Device...... due to internal error, errcode=-1002.

Solution
This may be due to the processes fortilogd and sqllogd not working correctly.  They can be restarted using the following CLI commands.
#diag test app fortilogd 99
#diag test app sqllogd 99

After restarting the processes the FortiAnalyzer should now operate correctly and receive logs from associated FortiGates.

Contributors