Fortinet black logo

Cookbook

Troubleshooting managed FortiAnalyzer units

6.2.0
Copy Link
Copy Doc ID 2d0f1673-0a61-11ea-8977-00505692583a:475663
Download PDF

Troubleshooting managed FortiAnalyzer units

This topic describes how to troubleshoot several situations.

Adding FortiAnalyzer failed

If adding FortiAnalyzer failed, enable the following debug command, which will provide error or information in a debug log, and then try adding FortiAnalyzer again.

diagnose debug application depmanager 255

diagnose debug enable

example: add_faz_dep_debug.txt

ADOM remains locked on FortiAnalyzer

When you delete FortiAnalyzer from FortiManager, the ADOM on FortiAnalyzer should be unlocked. If the ADOM remains locked, you can use the following command on the FortiAnalyzer unit to unlock the ADOM:

FAZ1000E # diag dvm adom unlock

adom ADOM name.

FAZ1000E # diag dvm adom unlock remote-faz

---Deleting DVM lock by remote FortiManager succeeded---

FAZ1000E#

Serial number already in use

The Alert console might display the Serial number already in use message. FortiManager might also display the Serial number already in use message after failing to add FortiAnalyzer.

You can use the diagnose dvm device list command on the FortiAnalyzer unit and on the FortiManager unit to see if the same FortiGate unit already exists on the FortiAnalyzer unit, but in different ADOM.

Troubleshooting managed FortiAnalyzer units

This topic describes how to troubleshoot several situations.

Adding FortiAnalyzer failed

If adding FortiAnalyzer failed, enable the following debug command, which will provide error or information in a debug log, and then try adding FortiAnalyzer again.

diagnose debug application depmanager 255

diagnose debug enable

example: add_faz_dep_debug.txt

ADOM remains locked on FortiAnalyzer

When you delete FortiAnalyzer from FortiManager, the ADOM on FortiAnalyzer should be unlocked. If the ADOM remains locked, you can use the following command on the FortiAnalyzer unit to unlock the ADOM:

FAZ1000E # diag dvm adom unlock

adom ADOM name.

FAZ1000E # diag dvm adom unlock remote-faz

---Deleting DVM lock by remote FortiManager succeeded---

FAZ1000E#

Serial number already in use

The Alert console might display the Serial number already in use message. FortiManager might also display the Serial number already in use message after failing to add FortiAnalyzer.

You can use the diagnose dvm device list command on the FortiAnalyzer unit and on the FortiManager unit to see if the same FortiGate unit already exists on the FortiAnalyzer unit, but in different ADOM.