Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.6
Download PDF
Copy Link

log fortianalyzer override-setting

Use this command within a VDOM to override the global configuration created with the config log fortianalyzer setting command. These settings configure logging for FortiAnalyzer logging devices.

config log fortianalyzer override-setting
    set override {enable | disable}   Enable/disable overriding FortiAnalyzer settings or use global settings.
    set use-management-vdom {enable | disable}   Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
    set status {enable | disable}   Enable/disable logging to FortiAnalyzer.
    set ips-archive {enable | disable}   Enable/disable IPS packet archive logging.
    set server {string}   The remote FortiAnalyzer. size[63]
    set hmac-algorithm {sha256 | sha1}   FortiAnalyzer IPsec tunnel HMAC algorithm.
            sha256  Use SHA256 as HMAC algorithm.
            sha1    Step down to SHA1 as the HMAC algorithm.
    set enc-algorithm {high-medium | high | low}   Enable/disable sending FortiAnalyzer log data with SSL encryption.
            high-medium  Encrypt logs using high and medium encryption algorithms.
            high         Encrypt logs using high encryption algorithms.
            low          Encrypt logs using all encryption algorithms.
    set ssl-min-proto-version {option}   Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
            default  Follow system global setting.
            SSLv3    SSLv3.
            TLSv1    TLSv1.
            TLSv1-1  TLSv1.1.
            TLSv1-2  TLSv1.2.
    set conn-timeout {integer}   FortiAnalyzer connection time-out in seconds (for status and log buffer). range[1-3600]
    set monitor-keepalive-period {integer}   Time between OFTP keepalives in seconds (for status and log buffer). range[1-120]
    set monitor-failure-retry-period {integer}   Time between FortiAnalyzer connection retries in seconds (for status and log buffer). range[1-86400]
    set mgmt-name {string}   Hidden management name of FortiAnalyzer. size[35]
    set faz-type {integer}   Hidden setting index of FortiAnalyzer. range[0-4294967295]
    set certificate {string}   Certificate used to communicate with FortiAnalyzer. size[35] - datasource(s): certificate.local.name
    set source-ip {string}   Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. size[63]
    set __change_ip {integer}   Hidden attribute. range[0-255]
    set upload-option {store-and-upload | realtime | 1-minute | 5-minute}   Enable/disable logging to hard disk and then uploading to FortiAnalyzer.
            store-and-upload  Log to hard disk and then upload to FortiAnalyzer.
            realtime          Log directly to FortiAnalyzer in real time.
            1-minute          Log directly to FortiAnalyzer at most every 1 minute.
            5-minute          Log directly to FortiAnalyzer at most every 5 minutes.
    set upload-interval {daily | weekly | monthly}   Frequency to upload log files to FortiAnalyzer.
            daily    Upload log files to FortiAnalyzer once a day.
            weekly   Upload log files to FortiAnalyzer once a week.
            monthly  Upload log files to FortiAnalyzer once a month.
    set upload-day {string}   Day of week (month) to upload logs.
    set upload-time {string}   Time to upload logs (hh:mm).
    set reliable {enable | disable}   Enable/disable reliable logging to FortiAnalyzer.
end

log fortianalyzer override-setting

Use this command within a VDOM to override the global configuration created with the config log fortianalyzer setting command. These settings configure logging for FortiAnalyzer logging devices.

config log fortianalyzer override-setting
    set override {enable | disable}   Enable/disable overriding FortiAnalyzer settings or use global settings.
    set use-management-vdom {enable | disable}   Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
    set status {enable | disable}   Enable/disable logging to FortiAnalyzer.
    set ips-archive {enable | disable}   Enable/disable IPS packet archive logging.
    set server {string}   The remote FortiAnalyzer. size[63]
    set hmac-algorithm {sha256 | sha1}   FortiAnalyzer IPsec tunnel HMAC algorithm.
            sha256  Use SHA256 as HMAC algorithm.
            sha1    Step down to SHA1 as the HMAC algorithm.
    set enc-algorithm {high-medium | high | low}   Enable/disable sending FortiAnalyzer log data with SSL encryption.
            high-medium  Encrypt logs using high and medium encryption algorithms.
            high         Encrypt logs using high encryption algorithms.
            low          Encrypt logs using all encryption algorithms.
    set ssl-min-proto-version {option}   Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
            default  Follow system global setting.
            SSLv3    SSLv3.
            TLSv1    TLSv1.
            TLSv1-1  TLSv1.1.
            TLSv1-2  TLSv1.2.
    set conn-timeout {integer}   FortiAnalyzer connection time-out in seconds (for status and log buffer). range[1-3600]
    set monitor-keepalive-period {integer}   Time between OFTP keepalives in seconds (for status and log buffer). range[1-120]
    set monitor-failure-retry-period {integer}   Time between FortiAnalyzer connection retries in seconds (for status and log buffer). range[1-86400]
    set mgmt-name {string}   Hidden management name of FortiAnalyzer. size[35]
    set faz-type {integer}   Hidden setting index of FortiAnalyzer. range[0-4294967295]
    set certificate {string}   Certificate used to communicate with FortiAnalyzer. size[35] - datasource(s): certificate.local.name
    set source-ip {string}   Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. size[63]
    set __change_ip {integer}   Hidden attribute. range[0-255]
    set upload-option {store-and-upload | realtime | 1-minute | 5-minute}   Enable/disable logging to hard disk and then uploading to FortiAnalyzer.
            store-and-upload  Log to hard disk and then upload to FortiAnalyzer.
            realtime          Log directly to FortiAnalyzer in real time.
            1-minute          Log directly to FortiAnalyzer at most every 1 minute.
            5-minute          Log directly to FortiAnalyzer at most every 5 minutes.
    set upload-interval {daily | weekly | monthly}   Frequency to upload log files to FortiAnalyzer.
            daily    Upload log files to FortiAnalyzer once a day.
            weekly   Upload log files to FortiAnalyzer once a week.
            monthly  Upload log files to FortiAnalyzer once a month.
    set upload-day {string}   Day of week (month) to upload logs.
    set upload-time {string}   Time to upload logs (hh:mm).
    set reliable {enable | disable}   Enable/disable reliable logging to FortiAnalyzer.
end