FortiClient logs are stored in the device that the FortiClient endpoint is registered to.
For example, when endpoints are registered to a FortiGate device, FortiClient logs are viewed on the FortiGate device. When endpoints are registered to a FortiClient EMS, FortiClient logs are viewed in the FortiClient ADOM that the FortiClient EMS device is added to.
ADOMs must be enabled to support FortiClient EMS devices.
allowaccesslist using the following CLI command:
config system interface
set allowaccess https ssh http http-logging https-logging
- Add SSL certificate to enable communication.
An SSL certificate is required to support communication and send logs between FortiClient Web Filter extension and FortiAnalyzer. If you use a public SSL certificate, you only need to add the public SSL certificate to FortiAnalyzer.
However, if you prefer to use a certificate that is not from a common CA, you must add the SSL certificate to FortiAnalyzer, and you must push the root CA of your certificate to the Google Chromebooks. Otherwise, the HTTPS connection between the FortiClient EMS Chromebook Web Filter extension and FortiAnalyzer will not work. The common name of the certificate must be the FortiAnalyzer IP address.
- In FortiAnalyzer, go to System Settings > Certificates > Local Certificates.
- Click Import. The Import Local Certificate dialog box appears.
- In the Type list, select Certificate. Or,
In the Type list, select PKCS#12 Certificate to upload the certificate in PK12 format.
- Beside the Certificate File field, click Browse to select the certificate.
- Enter the password and certificate name.
- Click OK.
- Select certificates for HTTPS connections:
- In FortiAnalyzer, go to System Settings > Admin > Admin Settings.
- In the HTTPS & Web Service Certificate box, select the certificate you want to use for HTTPS connections, and click Apply.
- Enable the FortiClient ADOM using the following CLI command:
conf sys global
set adom-status enable
- Add FortiClient EMS for Chromebooks as a device to the FortiClient ADOM:
Go to Device Manager > click the + Add Device button to add FortiClient EMS for Chromebooks as a FortiClient ADOM device.
- Enable logging in FortiClient EMS for Chromebooks:
You will need to enable logging in FortiClient EMS for Chromebooks, see the FortiClient EMS for Chromebooks Administration Guide for more information.