Solved

Fortianalyzer

Posted on 2013-05-15
1
3,454 Views
Last Modified: 2013-05-23
We have a fortianalyzer and it is not seeing any logs when we go to Logs and Archive but according to the device statistics from the dashboard, it shows that the fortianalyzer is collecting logs just fine.  Testing connectivity from the Fortigate appliance works too to the analyzer.  It is just when we try to generate reports or try to look at the logs using the log and archive option, it doesn't show any updated logs.  It just shows logs from several months ago.

Does anyone have any idea on what the issue might be related to this?

thanks,
paula
0
Comment
Question by:LateNaite
1 Comment
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
actually for fortianalyzer, the first place to check is the admin guide on the troubleshooting section (pg294). E.g.
http://docs.fortinet.com/fa/fortianalyzer-admin-40-mr3.pdf

There are couple of "closely related" issues e.g.
"No logs received with encryption enabled between a FortiGate unit and a FortiAnalyzer unit" and "HA log issue"

also you may want to check out below section:
- FortiAnalyzer - System Registration
- FortiAnalyzer Funkiness

http://firewallguru.blogspot.sg/search?q=FortiAnalyzer+

also just in case you want to verify the connectivity testing and the various means to do a quick connect check with test log

http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Log_Report/cb_log_backup%20solution.html

Before configuring the FortiGate unit, ensure both the FortiGate unit and the FortiAnalyzer unit have the same firmware version and maintenance release. If both do not have the same firmware version and maintenance release, issues may arise, such as being unable to send logs to the FortiAnalyzer unit.

To test the connection other than using the web-based manager, in the CLI use diag log test command. This command sends logs to the FortiAnalyzer unit. To verify the number of logs sent, failed, dropped or buffered to the FortiAnalyzer unit, use the diag fortianalyzer-log mgstats show command. Go to the FortiAnalyzer unit, and under Log & Archive, view the logs that you just sent from your FortiGate device.

If you are not seeing any logs on the FortiAnalyzer unit, verify that the device has been included in the Devices menu list.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now