Fortianalyzer

Posted on 2013-05-15
Last Modified: 2013-05-23
We have a FortiAnalyzer and it is not seeing any logs when we go to Logs and Archive, but according to the device statistics from the dashboard, it shows that the FortiAnalyzer is collecting logs just fine. Testing connectivity from the FortiGate appliance to the analyzer works too. It is just when we try to generate reports or try to look at the logs using the log and archive option, it doesn't show any updated logs. It just shows logs from several months ago.

Does anyone have any idea on what the issue might be related to this?

thanks,
paula
Question by:LateNaite
Accepted Solution

by:
btan earned 500 total points
ID: 39171248
Actually, for FortiAnalyzer, the first place to check is the troubleshooting section of the admin guide (pg. 294), e.g.
http://docs.fortinet.com/fa/fortianalyzer-admin-40-mr3.pdf

There are a couple of "closely related" issues, e.g.
"No logs received with encryption enabled between a FortiGate unit and a FortiAnalyzer unit" and "HA log issue"

Also, you may want to check out the sections below:
- FortiAnalyzer - System Registration
- FortiAnalyzer Funkiness

http://firewallguru.blogspot.sg/search?q=FortiAnalyzer+

Also, just in case you want to verify the connectivity testing, here are the various means to do a quick connection check with a test log:

http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Log_Report/cb_log_backup%20solution.html

Before configuring the FortiGate unit, ensure both the FortiGate unit and the FortiAnalyzer unit have the same firmware version and maintenance release. If both do not have the same firmware version and maintenance release, issues may arise, such as being unable to send logs to the FortiAnalyzer unit.

To test the connection other than using the web-based manager, in the CLI use the diag log test command. This command sends logs to the FortiAnalyzer unit. To verify the number of logs sent, failed, dropped or buffered to the FortiAnalyzer unit, use the diag fortianalyzer-log mgstats show command. Go to the FortiAnalyzer unit, and under Log & Archive, view the logs that you just sent from your FortiGate device.

If you are not seeing any logs on the FortiAnalyzer unit, verify that the device has been included in the Devices menu list.