Fortinet black logo

Cookbook

Home FortiAnalyzer 6.2.0 Cookbook

Requesting a log fetch

6.2.0
6.2.0
5.4.0
5.2.0
Copy Link
Copy Doc ID 8ee8a6b6-7281-11e9-81a4-00505692583a:610017
Download PDF

Requesting a log fetch

You can use the fetch profile you created to fetch logs from the remote device. You have the option of selecting an ADOM on the local device to receive the logs, or a new one.

To request a log fetch:
  1. Go to System Settings > Fetcher Management, the click the Profiles tab.
  2. Right-click the fetch profile you created and click Request Fetch. Configure the settings in the Fetch Logs dialog, then click Request Fetch.

    Name

    Displays the name of the fetch server you have specified.

    Server IP

    Displays the IP address of the server you have specified.

    User

    Displays the username of the server administrator you have provided.

    Secure Connection

    Select to use SSL connection to transfer fetched logs from the server.

    Server ADOM

    Select the ADOM on the server the logs will be fetched from. Only one ADOM can be fetched from at a time.

    Local ADOM

    Select the ADOM on the client where the logs will be received.

    Either select an existing ADOM from the dropdown list, or create a new ADOM by entering a name for it into the field.

    Devices

    Add the devices and/or VDOMs that the logs will be fetched from. Up to 256 devices can be added.

    Click Select Device, select devices from the list, then click OK.

    Enable Filters

    Select to enable filters on the logs that will be fetched.

    Select All or Any of the Following Conditions in the Log messages that match field to control how the filters are applied to the logs.

    Add filters to the table by selecting the Log Field, Match Criteria, and Value for each filter.

    Time Period

    Specify what date and time range of log messages to fetch.

    Index Fetch Logs

    If selected, the fetched logs will be indexed in the SQL database of the client once they are received. Select this option unless you want to manually index the fetched logs.

  3. (Optional) Synchronize the devices and ADOMs.
    1. Go to System Settings > Fetcher Management and click the Profiles tab.
    2. Select the log fetch profile then click Sync Devices in the toolbar.
    Tooltip

    The devices and ADOMs must be synchronized with the server if this is the first time the fetching device is fetching logs from the remote device, or if any changes have been made to the devices or ADOMs since the last fetch.

    If a new ADOM is created, the new ADOM will mirror the disk space and data policy of the corresponding server ADOM. If there is not enough space on the device, the client will create an ADOM with the maximum allowed disk space and give a warning message. You can then adjust disk space allocation as required.
Previous
Next

Requesting a log fetch

You can use the fetch profile you created to fetch logs from the remote device. You have the option of selecting an ADOM on the local device to receive the logs, or a new one.

To request a log fetch:
  1. Go to System Settings > Fetcher Management, the click the Profiles tab.
  2. Right-click the fetch profile you created and click Request Fetch. Configure the settings in the Fetch Logs dialog, then click Request Fetch.

    Name

    Displays the name of the fetch server you have specified.

    Server IP

    Displays the IP address of the server you have specified.

    User

    Displays the username of the server administrator you have provided.

    Secure Connection

    Select to use SSL connection to transfer fetched logs from the server.

    Server ADOM

    Select the ADOM on the server the logs will be fetched from. Only one ADOM can be fetched from at a time.

    Local ADOM

    Select the ADOM on the client where the logs will be received.

    Either select an existing ADOM from the dropdown list, or create a new ADOM by entering a name for it into the field.

    Devices

    Add the devices and/or VDOMs that the logs will be fetched from. Up to 256 devices can be added.

    Click Select Device, select devices from the list, then click OK.

    Enable Filters

    Select to enable filters on the logs that will be fetched.

    Select All or Any of the Following Conditions in the Log messages that match field to control how the filters are applied to the logs.

    Add filters to the table by selecting the Log Field, Match Criteria, and Value for each filter.

    Time Period

    Specify what date and time range of log messages to fetch.

    Index Fetch Logs

    If selected, the fetched logs will be indexed in the SQL database of the client once they are received. Select this option unless you want to manually index the fetched logs.

  3. (Optional) Synchronize the devices and ADOMs.
    1. Go to System Settings > Fetcher Management and click the Profiles tab.
    2. Select the log fetch profile then click Sync Devices in the toolbar.
    Tooltip

    The devices and ADOMs must be synchronized with the server if this is the first time the fetching device is fetching logs from the remote device, or if any changes have been made to the devices or ADOMs since the last fetch.

    If a new ADOM is created, the new ADOM will mirror the disk space and data policy of the corresponding server ADOM. If there is not enough space on the device, the client will create an ADOM with the maximum allowed disk space and give a warning message. You can then adjust disk space allocation as required.
Previous
Next