Fortinet white logo
Fortinet white logo

Administration Guide

Log Forwarding

Log Forwarding

You can forward logs from a FortiAnalyzer unit to another FortiAnalyzer unit, a syslog server, or a Common Event Format (CEF) server when you use the default forwarding mode in log forwarding. You can also forward logs via an output plugin, connecting to a public cloud service.

The client is the FortiAnalyzer unit that forwards logs to another device. The server is the FortiAnalyzer unit, syslog server, or CEF server that receives the logs.

In addition to forwarding logs to another unit or server, the client retains a local copy of the logs. The local copy of the logs is subject to the data policy settings for archived logs. See Log storage for more information.

To see a graphical view of the log forwarding configuration, and to see details of the devices involved, go to System Settings > Logging Topology. For more information, see Logging Topology.

Log Forwarding

Log Forwarding

You can forward logs from a FortiAnalyzer unit to another FortiAnalyzer unit, a syslog server, or a Common Event Format (CEF) server when you use the default forwarding mode in log forwarding. You can also forward logs via an output plugin, connecting to a public cloud service.

The client is the FortiAnalyzer unit that forwards logs to another device. The server is the FortiAnalyzer unit, syslog server, or CEF server that receives the logs.

In addition to forwarding logs to another unit or server, the client retains a local copy of the logs. The local copy of the logs is subject to the data policy settings for archived logs. See Log storage for more information.

To see a graphical view of the log forwarding configuration, and to see details of the devices involved, go to System Settings > Logging Topology. For more information, see Logging Topology.