Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Neophron
New Contributor

CTAP logs gone

Goodmorning,

I deployed a CTAP at the customers location. it's the second time it's there. The first time botnets came forward, but when I finally got time to investigate the logs were already rotated.

So, I explained the customer my fu, and placed the CTAP ( 100-D ) again.

It was operational from 22-05-17 till 26-05-2017.

luckily the botnets were still there, the analyses showed it was.

downloaded the analyses from the CTAP portal, and went to the customer to get the 100-D backfor inspection ( raw logs ) and deliver the report to them.

 

Now delivering the report is not the problem, however reading the raw log is.

downloading all the logs, only intrusion-log and webfilter-log have KB's. the rest is all zero ( no text inside ).

I just hope I am doing something wrong here, altho no rocket science, I can't reach out to place the CTAP again.

The analysys /report is still available through the portal. I'm hoping the files maybe there.

any help is appreciated.

thanks!

 

0 REPLIES 0