SQL database
FortiAnalyzer supports Structured Query Language (SQL) for logging and reporting. The log data is inserted into the SQL database to support data analysis in SOC > FortiView, Log View, and Reports. Remote SQL databases are not supported.
For more information, see FortiView, Types of logs collected for each device, and Reports.
The log storage settings define how much FortiAnalyzer disk space to use for the SQL database.
When FortiAnalyzer is in Collector mode, the SQL database is disabled by default. If you want to use logs that require SQL when FortiAnalyzer is in Collector mode, you must enable the SQL database. See Two operation modes. |