FortiAnalyzer logging
FortiAnalyzer is a remote logging server that helps keep an additional copy of logs from FortiPAM.
To configure FortiAnalyzer logging:
- Go to Network > Fabric Connectors.
Core Network Security opens.
- Select FortiAnalyzer Logging and select Edit.
The Edit Fabric Connector window opens.
- In the FortiAnalyzer Settings pane, set the Status as Enabled.
You now see new options in the Edit Fabric Connector window.
- Enter the following information:
Server
Enter the server IP address or the FQDN.
Select Test Connectivity to test the connection to the server.
Upload option
Select an upload interval:
Real Time
Every Minute
Every 5 Minute (default)
More
Upload interval
Select an upload interval:
Daily (default)
Weekly
Monthly
Note: The option is only available when the Upload option is set to More.
Day
From the dropdown, select a day.
Note: The option is only available when the Upload interval is Weekly.
Date
Enter a date for the month.
Note: The option is only available when the Upload interval is Monthly.
Time
Enter a time or select the clock icon to select a time.
Allow access to FortiPAM REST API
Enable/disable FortiPAM REST API access (default = enable).
Verify FortiAnalyzer certificate
Enable/disable verifying the FortiAnalyzer certificate (default = enable).
Note: The option is only available when Allow access to FortiPAM REST API is enabled.
- Click OK.
- In the window that opens, verify the FortiAnalyzer serial number and click Accept.
- Check the FortiAnalyzer Status. If the connection is unauthorized, click Authorize to log in to FortiAnalyzer and authorize FortiPAM.
After establishing a connection between FortiPAM and FortiAnalyzer, subsequent logs are accessible in the corresponding FortiAnalyzer.
When reviewing logs in Log & Report, you can choose FortiAnalyzer as the log source. See Log & report.
To configure FortiAnalyzer logging via the CLI Example
config log fortianalyzer setting set status enable set server faz.fortipam.ca end