Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Fortianalyzer

Posted on 2013-05-15
1
Medium Priority
?
4,105 Views
Last Modified: 2013-05-23
We have a fortianalyzer and it is not seeing any logs when we go to Logs and Archive but according to the device statistics from the dashboard, it shows that the fortianalyzer is collecting logs just fine.  Testing connectivity from the Fortigate appliance works too to the analyzer.  It is just when we try to generate reports or try to look at the logs using the log and archive option, it doesn't show any updated logs.  It just shows logs from several months ago.

Does anyone have any idea on what the issue might be related to this?

thanks,
paula
0
Comment
Question by:LateNaite
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 39171248
actually for fortianalyzer, the first place to check is the admin guide on the troubleshooting section (pg294). E.g.
http://docs.fortinet.com/fa/fortianalyzer-admin-40-mr3.pdf

There are couple of "closely related" issues e.g.
"No logs received with encryption enabled between a FortiGate unit and a FortiAnalyzer unit" and "HA log issue"

also you may want to check out below section:
- FortiAnalyzer - System Registration
- FortiAnalyzer Funkiness

http://firewallguru.blogspot.sg/search?q=FortiAnalyzer+

also just in case you want to verify the connectivity testing and the various means to do a quick connect check with test log

http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Log_Report/cb_log_backup%20solution.html

Before configuring the FortiGate unit, ensure both the FortiGate unit and the FortiAnalyzer unit have the same firmware version and maintenance release. If both do not have the same firmware version and maintenance release, issues may arise, such as being unable to send logs to the FortiAnalyzer unit.

To test the connection other than using the web-based manager, in the CLI use diag log test command. This command sends logs to the FortiAnalyzer unit. To verify the number of logs sent, failed, dropped or buffered to the FortiAnalyzer unit, use the diag fortianalyzer-log mgstats show command. Go to the FortiAnalyzer unit, and under Log & Archive, view the logs that you just sent from your FortiGate device.

If you are not seeing any logs on the FortiAnalyzer unit, verify that the device has been included in the Devices menu list.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
How does someone stay on the right and legal side of the hacking world?
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question