Fortinet white logo
Fortinet white logo

CLI Reference

config log fortianalyzer setting

config log fortianalyzer setting

Global FortiAnalyzer settings.

config log fortianalyzer setting
    Description: Global FortiAnalyzer settings.
    set status [enable|disable]
    set ips-archive [enable|disable]
    set server {string}
    set certificate-verification [enable|disable]
    set serial <name1>, <name2>, ...
    set preshared-key {string}
    set access-config [enable|disable]
    set hmac-algorithm [sha256|sha1]
    set enc-algorithm [high-medium|high|...]
    set ssl-min-proto-version [default|SSLv3|...]
    set conn-timeout {integer}
    set monitor-keepalive-period {integer}
    set monitor-failure-retry-period {integer}
    set certificate {string}
    set source-ip {string}
    set upload-option [store-and-upload|realtime|...]
    set upload-interval [daily|weekly|...]
    set upload-day {user}
    set upload-time {user}
    set reliable [enable|disable]
    set priority [default|low]
    set max-log-rate {integer}
    set interface-select-method [auto|sdwan|...]
    set interface {string}
end

config log fortianalyzer setting

Parameter

Description

Type

Size

Default

status

Enable/disable logging to FortiAnalyzer.

option

-

disable

Option

Description

enable

Enable logging to FortiAnalyzer.

disable

Disable logging to FortiAnalyzer.

ips-archive

Enable/disable IPS packet archive logging.

option

-

enable

Option

Description

enable

Enable IPS packet archive logging.

disable

Disable IPS packet archive logging.

server

The remote FortiAnalyzer.

string

Maximum length: 127

certificate-verification

Enable/disable identity verification of FortiAnalyzer by use of certificate.

option

-

enable

Option

Description

enable

Enable identity verification of FortiAnalyzer by use of certificate.

disable

Disable identity verification of FortiAnalyzer by use of certificate.

serial <name>

Serial numbers of the FortiAnalyzer.

Serial Number.

string

Maximum length: 79

preshared-key

Preshared-key used for auto-authorization on FortiAnalyzer.

string

Maximum length: 63

access-config

Enable/disable FortiAnalyzer access to configuration and data.

option

-

enable

Option

Description

enable

Enable FortiAnalyzer access to configuration and data.

disable

Disable FortiAnalyzer access to configuration and data.

hmac-algorithm

FortiAnalyzer IPsec tunnel HMAC algorithm.

option

-

sha256

Option

Description

sha256

Use SHA256 as HMAC algorithm.

sha1

Step down to SHA1 as the HMAC algorithm.

enc-algorithm

Configure the level of SSL protection for secure communication with FortiAnalyzer.

option

-

low

Option

Description

high-medium

Encrypt logs using high and medium encryption algorithms.

high

Encrypt logs using high encryption algorithms.

low

Encrypt logs using all encryption algorithms.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections .

option

-

default

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

conn-timeout

FortiAnalyzer connection time-out in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 3600

10

monitor-keepalive-period

Time between OFTP keepalives in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 120

5

monitor-failure-retry-period

Time between FortiAnalyzer connection retries in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 86400

5

certificate

Certificate used to communicate with FortiAnalyzer.

string

Maximum length: 35

source-ip

Source IPv4 or IPv6 address used to communicate with FortiAnalyzer.

string

Maximum length: 63

upload-option

Enable/disable logging to hard disk and then uploading to FortiAnalyzer.

option

-

5-minute

Option

Description

store-and-upload

Log to hard disk and then upload to FortiAnalyzer.

realtime

Log directly to FortiAnalyzer in real time.

1-minute

Log directly to FortiAnalyzer at least every 1 minute.

5-minute

Log directly to FortiAnalyzer at least every 5 minutes.

upload-interval

Frequency to upload log files to FortiAnalyzer.

option

-

daily

Option

Description

daily

Upload log files to FortiAnalyzer once a day.

weekly

Upload log files to FortiAnalyzer once a week.

monthly

Upload log files to FortiAnalyzer once a month.

upload-day

Day of week (month) to upload logs.

user

Not Specified

upload-time

Time to upload logs (hh:mm).

user

Not Specified

reliable

Enable/disable reliable logging to FortiAnalyzer.

option

-

disable

Option

Description

enable

Enable reliable logging to FortiAnalyzer.

disable

Disable reliable logging to FortiAnalyzer.

priority

Set log transmission priority.

option

-

default

Option

Description

default

Set FortiAnalyzer log transmission priority to default.

low

Set FortiAnalyzer log transmission priority to low.

max-log-rate

FortiAnalyzer maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

0

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

auto

Option

Description

auto

Set outgoing interface automatically.

sdwan

Set outgoing interface by SD-WAN or policy routing rules.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15

config log fortianalyzer setting

config log fortianalyzer setting

Global FortiAnalyzer settings.

config log fortianalyzer setting
    Description: Global FortiAnalyzer settings.
    set status [enable|disable]
    set ips-archive [enable|disable]
    set server {string}
    set certificate-verification [enable|disable]
    set serial <name1>, <name2>, ...
    set preshared-key {string}
    set access-config [enable|disable]
    set hmac-algorithm [sha256|sha1]
    set enc-algorithm [high-medium|high|...]
    set ssl-min-proto-version [default|SSLv3|...]
    set conn-timeout {integer}
    set monitor-keepalive-period {integer}
    set monitor-failure-retry-period {integer}
    set certificate {string}
    set source-ip {string}
    set upload-option [store-and-upload|realtime|...]
    set upload-interval [daily|weekly|...]
    set upload-day {user}
    set upload-time {user}
    set reliable [enable|disable]
    set priority [default|low]
    set max-log-rate {integer}
    set interface-select-method [auto|sdwan|...]
    set interface {string}
end

config log fortianalyzer setting

Parameter

Description

Type

Size

Default

status

Enable/disable logging to FortiAnalyzer.

option

-

disable

Option

Description

enable

Enable logging to FortiAnalyzer.

disable

Disable logging to FortiAnalyzer.

ips-archive

Enable/disable IPS packet archive logging.

option

-

enable

Option

Description

enable

Enable IPS packet archive logging.

disable

Disable IPS packet archive logging.

server

The remote FortiAnalyzer.

string

Maximum length: 127

certificate-verification

Enable/disable identity verification of FortiAnalyzer by use of certificate.

option

-

enable

Option

Description

enable

Enable identity verification of FortiAnalyzer by use of certificate.

disable

Disable identity verification of FortiAnalyzer by use of certificate.

serial <name>

Serial numbers of the FortiAnalyzer.

Serial Number.

string

Maximum length: 79

preshared-key

Preshared-key used for auto-authorization on FortiAnalyzer.

string

Maximum length: 63

access-config

Enable/disable FortiAnalyzer access to configuration and data.

option

-

enable

Option

Description

enable

Enable FortiAnalyzer access to configuration and data.

disable

Disable FortiAnalyzer access to configuration and data.

hmac-algorithm

FortiAnalyzer IPsec tunnel HMAC algorithm.

option

-

sha256

Option

Description

sha256

Use SHA256 as HMAC algorithm.

sha1

Step down to SHA1 as the HMAC algorithm.

enc-algorithm

Configure the level of SSL protection for secure communication with FortiAnalyzer.

option

-

low

Option

Description

high-medium

Encrypt logs using high and medium encryption algorithms.

high

Encrypt logs using high encryption algorithms.

low

Encrypt logs using all encryption algorithms.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections .

option

-

default

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

conn-timeout

FortiAnalyzer connection time-out in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 3600

10

monitor-keepalive-period

Time between OFTP keepalives in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 120

5

monitor-failure-retry-period

Time between FortiAnalyzer connection retries in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 86400

5

certificate

Certificate used to communicate with FortiAnalyzer.

string

Maximum length: 35

source-ip

Source IPv4 or IPv6 address used to communicate with FortiAnalyzer.

string

Maximum length: 63

upload-option

Enable/disable logging to hard disk and then uploading to FortiAnalyzer.

option

-

5-minute

Option

Description

store-and-upload

Log to hard disk and then upload to FortiAnalyzer.

realtime

Log directly to FortiAnalyzer in real time.

1-minute

Log directly to FortiAnalyzer at least every 1 minute.

5-minute

Log directly to FortiAnalyzer at least every 5 minutes.

upload-interval

Frequency to upload log files to FortiAnalyzer.

option

-

daily

Option

Description

daily

Upload log files to FortiAnalyzer once a day.

weekly

Upload log files to FortiAnalyzer once a week.

monthly

Upload log files to FortiAnalyzer once a month.

upload-day

Day of week (month) to upload logs.

user

Not Specified

upload-time

Time to upload logs (hh:mm).

user

Not Specified

reliable

Enable/disable reliable logging to FortiAnalyzer.

option

-

disable

Option

Description

enable

Enable reliable logging to FortiAnalyzer.

disable

Disable reliable logging to FortiAnalyzer.

priority

Set log transmission priority.

option

-

default

Option

Description

default

Set FortiAnalyzer log transmission priority to default.

low

Set FortiAnalyzer log transmission priority to low.

max-log-rate

FortiAnalyzer maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

0

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

auto

Option

Description

auto

Set outgoing interface automatically.

sdwan

Set outgoing interface by SD-WAN or policy routing rules.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15