Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.2.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    User Guide

    Home FortiAppSec Cloud User Guide
    26.2.0
    26.2.0
    26.1.0
    25.4.0
    25.3.0
    25.2.0

    Miscellaneous

    Miscellaneous

    This section answers frequently asked questions about WAF that are not covered in other FAQ topics.

    How do I troubleshoot Traffic Log Setting errors?

    If your traffic log export is failing, check the notification message for details on the issue. Below are common errors and their possible causes:

    Server Type

    Error Message

    Description

    AWS S3

    S3 bucket connection failure from our traffic log server

    The AWS IAM user corresponding to the S3 bucket lacks the necessary permissions.

    Please check and update the IAM user permissions in AWS to ensure the required access is granted.

    AWS S3

    The specified bucket does not exist

    The specified S3 bucket does not exist.

    Please recreate the bucket or update the configuration to the correct bucket name.

    AWS S3

    The AWS Access Key Id you provided does not exist in our records

    The IAM credentials you provided are either non-existent, invalid, or expired.

    Please update the credentials in WAF > Log Settings, under Traffic Log Export to ensure proper authentication.

    Azure Blob

    ContainerNotFound (404)

    The specified Azure blob container does not exist.

    Please update the container name to a valid and existing container.

    Azure Blob

    AuthenticationFailed (403)

    The Azure Blob credential is invalid, which may be caused by an incorrect access key or an improperly configured Azure Blob network firewall.

    Please update your access key in WAF > Log Settings, under Traffic Log Export, and check the network configuration in Azure Blob to ensure proper access.
    Why are some IP addresses unable to access to my application?

    Check if the IP address in question has been blocked for security reasons by navigating to WAF > FortiView > Blocked IPs. For instructions on reviewing and releasing blocked IP addresses, see Review and release blocked IP addresses.

    How does WAF build machine learning models for ML Based API Protection and Anomaly Detection?

    Anomaly Detection learns and builds models based on URL parameters and form parameters.

    ML Based API Protection is designed specifically for requests with JSON-formatted bodies, learning the structure and fields within the JSON payload.

    Previous
    Next

    Miscellaneous

    Miscellaneous

    This section answers frequently asked questions about WAF that are not covered in other FAQ topics.

    How do I troubleshoot Traffic Log Setting errors?

    If your traffic log export is failing, check the notification message for details on the issue. Below are common errors and their possible causes:

    Server Type

    Error Message

    Description

    AWS S3

    S3 bucket connection failure from our traffic log server

    The AWS IAM user corresponding to the S3 bucket lacks the necessary permissions.

    Please check and update the IAM user permissions in AWS to ensure the required access is granted.

    AWS S3

    The specified bucket does not exist

    The specified S3 bucket does not exist.

    Please recreate the bucket or update the configuration to the correct bucket name.

    AWS S3

    The AWS Access Key Id you provided does not exist in our records

    The IAM credentials you provided are either non-existent, invalid, or expired.

    Please update the credentials in WAF > Log Settings, under Traffic Log Export to ensure proper authentication.

    Azure Blob

    ContainerNotFound (404)

    The specified Azure blob container does not exist.

    Please update the container name to a valid and existing container.

    Azure Blob

    AuthenticationFailed (403)

    The Azure Blob credential is invalid, which may be caused by an incorrect access key or an improperly configured Azure Blob network firewall.

    Please update your access key in WAF > Log Settings, under Traffic Log Export, and check the network configuration in Azure Blob to ensure proper access.
    Why are some IP addresses unable to access to my application?

    Check if the IP address in question has been blocked for security reasons by navigating to WAF > FortiView > Blocked IPs. For instructions on reviewing and releasing blocked IP addresses, see Review and release blocked IP addresses.

    How does WAF build machine learning models for ML Based API Protection and Anomaly Detection?

    Anomaly Detection learns and builds models based on URL parameters and form parameters.

    ML Based API Protection is designed specifically for requests with JSON-formatted bodies, learning the structure and fields within the JSON payload.

    Previous
    Next