Fortinet white logo
Fortinet white logo

CLI Reference

sql-local

sql-local

Use this command to remove the SQL database and logs from the FortiAnalyzer system and to rebuild the database and devices.

When rebuilding the SQL database, new logs will not be available until the rebuild is complete. The time required to rebuild the database is dependent on the size of the database. Please plan a maintenance window to complete the database rebuild. You can use the diagnose sql status rebuild-db command to display the SQL log database rebuild status.

The following features will not be available until after the SQL database rebuild has completed: FortiView, Log View, Event Management, and Reports.

Syntax

execute sql-local rebuild-adom <adom> ... <adom>

execute sql-local rebuild-db

execute sql-local rebuild-index <adom> <start-time > <end-time>

execute sql-local rebuild-siemdb

execute sql-local rebuild-skipidx <adom> <start-time > <end-time>

Variable

Description

rebuild-adom

Rebuild log SQL database from log data for particular ADOMs.

rebuild-db

Rebuild entire log SQL database from log data. This operation will remove the SQL database and rebuild from log data. It will also reboot the device.

rebuild-index

Rebuild indexes for an ADOM.

rebuild-siemdb

Rebuild the SIEM database for normalized logs.

rebuild-skipidx

Rebuild skip-indexes.

<adom>

The ADOM name. Multiple ADOM names can be entered when rebuilding ADOMs.

<start-time >

Enter the start time (timestamp or <yyyy-mm-dd hh:mm:ss>).

<end-time>

Enter the end time (timestamp or <yyyy-mm-dd hh:mm:ss>).

<log type>

Enter the log type from available log types, for example: emailfilter

sql-local

sql-local

Use this command to remove the SQL database and logs from the FortiAnalyzer system and to rebuild the database and devices.

When rebuilding the SQL database, new logs will not be available until the rebuild is complete. The time required to rebuild the database is dependent on the size of the database. Please plan a maintenance window to complete the database rebuild. You can use the diagnose sql status rebuild-db command to display the SQL log database rebuild status.

The following features will not be available until after the SQL database rebuild has completed: FortiView, Log View, Event Management, and Reports.

Syntax

execute sql-local rebuild-adom <adom> ... <adom>

execute sql-local rebuild-db

execute sql-local rebuild-index <adom> <start-time > <end-time>

execute sql-local rebuild-siemdb

execute sql-local rebuild-skipidx <adom> <start-time > <end-time>

Variable

Description

rebuild-adom

Rebuild log SQL database from log data for particular ADOMs.

rebuild-db

Rebuild entire log SQL database from log data. This operation will remove the SQL database and rebuild from log data. It will also reboot the device.

rebuild-index

Rebuild indexes for an ADOM.

rebuild-siemdb

Rebuild the SIEM database for normalized logs.

rebuild-skipidx

Rebuild skip-indexes.

<adom>

The ADOM name. Multiple ADOM names can be entered when rebuilding ADOMs.

<start-time >

Enter the start time (timestamp or <yyyy-mm-dd hh:mm:ss>).

<end-time>

Enter the end time (timestamp or <yyyy-mm-dd hh:mm:ss>).

<log type>

Enter the log type from available log types, for example: emailfilter