Fortinet black logo

CLI Reference

config log fortianalyzer override-setting

config log fortianalyzer override-setting

Override FortiAnalyzer settings.

config log fortianalyzer override-setting

Description: Override FortiAnalyzer settings.

set use-management-vdom [enable|disable]

set status [enable|disable]

set ips-archive [enable|disable]

set server {string}

set certificate-verification [enable|disable]

set serial <name1>, <name2>, ...

set access-config [enable|disable]

set hmac-algorithm [sha256|sha1]

set enc-algorithm [high-medium|high|...]

set ssl-min-proto-version [default|SSLv3|...]

set conn-timeout {integer}

set monitor-keepalive-period {integer}

set monitor-failure-retry-period {integer}

set certificate {string}

set source-ip {string}

set upload-option [store-and-upload|realtime|...]

set upload-interval [daily|weekly|...]

set upload-day {user}

set upload-time {user}

set reliable [enable|disable]

set priority [default|low]

set max-log-rate {integer}

set interface-select-method [auto|sdwan|...]

set interface {string}

end

config log fortianalyzer override-setting

Parameter

Description

Type

Size

use-management-vdom

Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

option

-

Option

Description

enable

Enable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

disable

Disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

status

Enable/disable logging to FortiAnalyzer.

option

-

Option

Description

enable

Enable logging to FortiAnalyzer.

disable

Disable logging to FortiAnalyzer.

ips-archive

Enable/disable IPS packet archive logging.

option

-

Option

Description

enable

Enable IPS packet archive logging.

disable

Disable IPS packet archive logging.

server

The remote FortiAnalyzer.

string

Maximum length: 63

certificate-verification

Enable/disable identity verification of FortiAnalyzer by use of certificate.

option

-

Option

Description

enable

Enable identity verification of FortiAnalyzer by use of certificate.

disable

Disable identity verification of FortiAnalyzer by use of certificate.

serial <name>

Serial numbers of the FortiAnalyzer.

Serial Number.

string

Maximum length: 79

access-config

Enable/disable FortiAnalyzer access to configuration and data.

option

-

Option

Description

enable

Enable FortiAnalyzer access to configuration and data.

disable

Disable FortiAnalyzer access to configuration and data.

hmac-algorithm

FortiAnalyzer IPsec tunnel HMAC algorithm.

option

-

Option

Description

sha256

Use SHA256 as HMAC algorithm.

sha1

Step down to SHA1 as the HMAC algorithm.

enc-algorithm

Configure the level of SSL protection for secure communication with FortiAnalyzer.

option

-

Option

Description

high-medium

Encrypt logs using high and medium encryption algorithms.

high

Encrypt logs using high encryption algorithms.

low

Encrypt logs using all encryption algorithms.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections .

option

-

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

conn-timeout

FortiAnalyzer connection time-out in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 3600

monitor-keepalive-period

Time between OFTP keepalives in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 120

monitor-failure-retry-period

Time between FortiAnalyzer connection retries in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 86400

certificate

Certificate used to communicate with FortiAnalyzer.

string

Maximum length: 35

source-ip

Source IPv4 or IPv6 address used to communicate with FortiAnalyzer.

string

Maximum length: 63

upload-option

Enable/disable logging to hard disk and then uploading to FortiAnalyzer.

option

-

Option

Description

store-and-upload

Log to hard disk and then upload to FortiAnalyzer.

realtime

Log directly to FortiAnalyzer in real time.

1-minute

Log directly to FortiAnalyzer at most every 1 minute.

5-minute

Log directly to FortiAnalyzer at most every 5 minutes.

upload-interval

Frequency to upload log files to FortiAnalyzer.

option

-

Option

Description

daily

Upload log files to FortiAnalyzer once a day.

weekly

Upload log files to FortiAnalyzer once a week.

monthly

Upload log files to FortiAnalyzer once a month.

upload-day

Day of week (month) to upload logs.

user

Not Specified

upload-time

Time to upload logs (hh:mm).

user

Not Specified

reliable

Enable/disable reliable logging to FortiAnalyzer.

option

-

Option

Description

enable

Enable reliable logging to FortiAnalyzer.

disable

Disable reliable logging to FortiAnalyzer.

priority

Set log transmission priority.

option

-

Option

Description

default

Set FortiAnalyzer log transmission priority to default.

low

Set FortiAnalyzer log transmission priority to low.

max-log-rate

FortiAnalyzer maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

Option

Description

auto

Set outgoing interface automatically.

sdwan

Set outgoing interface by SD-WAN or policy routing rules.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15

config log fortianalyzer override-setting

Override FortiAnalyzer settings.

config log fortianalyzer override-setting

Description: Override FortiAnalyzer settings.

set use-management-vdom [enable|disable]

set status [enable|disable]

set ips-archive [enable|disable]

set server {string}

set certificate-verification [enable|disable]

set serial <name1>, <name2>, ...

set access-config [enable|disable]

set hmac-algorithm [sha256|sha1]

set enc-algorithm [high-medium|high|...]

set ssl-min-proto-version [default|SSLv3|...]

set conn-timeout {integer}

set monitor-keepalive-period {integer}

set monitor-failure-retry-period {integer}

set certificate {string}

set source-ip {string}

set upload-option [store-and-upload|realtime|...]

set upload-interval [daily|weekly|...]

set upload-day {user}

set upload-time {user}

set reliable [enable|disable]

set priority [default|low]

set max-log-rate {integer}

set interface-select-method [auto|sdwan|...]

set interface {string}

end

config log fortianalyzer override-setting

Parameter

Description

Type

Size

use-management-vdom

Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

option

-

Option

Description

enable

Enable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

disable

Disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

status

Enable/disable logging to FortiAnalyzer.

option

-

Option

Description

enable

Enable logging to FortiAnalyzer.

disable

Disable logging to FortiAnalyzer.

ips-archive

Enable/disable IPS packet archive logging.

option

-

Option

Description

enable

Enable IPS packet archive logging.

disable

Disable IPS packet archive logging.

server

The remote FortiAnalyzer.

string

Maximum length: 63

certificate-verification

Enable/disable identity verification of FortiAnalyzer by use of certificate.

option

-

Option

Description

enable

Enable identity verification of FortiAnalyzer by use of certificate.

disable

Disable identity verification of FortiAnalyzer by use of certificate.

serial <name>

Serial numbers of the FortiAnalyzer.

Serial Number.

string

Maximum length: 79

access-config

Enable/disable FortiAnalyzer access to configuration and data.

option

-

Option

Description

enable

Enable FortiAnalyzer access to configuration and data.

disable

Disable FortiAnalyzer access to configuration and data.

hmac-algorithm

FortiAnalyzer IPsec tunnel HMAC algorithm.

option

-

Option

Description

sha256

Use SHA256 as HMAC algorithm.

sha1

Step down to SHA1 as the HMAC algorithm.

enc-algorithm

Configure the level of SSL protection for secure communication with FortiAnalyzer.

option

-

Option

Description

high-medium

Encrypt logs using high and medium encryption algorithms.

high

Encrypt logs using high encryption algorithms.

low

Encrypt logs using all encryption algorithms.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections .

option

-

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

conn-timeout

FortiAnalyzer connection time-out in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 3600

monitor-keepalive-period

Time between OFTP keepalives in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 120

monitor-failure-retry-period

Time between FortiAnalyzer connection retries in seconds (for status and log buffer).

integer

Minimum value: 1 Maximum value: 86400

certificate

Certificate used to communicate with FortiAnalyzer.

string

Maximum length: 35

source-ip

Source IPv4 or IPv6 address used to communicate with FortiAnalyzer.

string

Maximum length: 63

upload-option

Enable/disable logging to hard disk and then uploading to FortiAnalyzer.

option

-

Option

Description

store-and-upload

Log to hard disk and then upload to FortiAnalyzer.

realtime

Log directly to FortiAnalyzer in real time.

1-minute

Log directly to FortiAnalyzer at most every 1 minute.

5-minute

Log directly to FortiAnalyzer at most every 5 minutes.

upload-interval

Frequency to upload log files to FortiAnalyzer.

option

-

Option

Description

daily

Upload log files to FortiAnalyzer once a day.

weekly

Upload log files to FortiAnalyzer once a week.

monthly

Upload log files to FortiAnalyzer once a month.

upload-day

Day of week (month) to upload logs.

user

Not Specified

upload-time

Time to upload logs (hh:mm).

user

Not Specified

reliable

Enable/disable reliable logging to FortiAnalyzer.

option

-

Option

Description

enable

Enable reliable logging to FortiAnalyzer.

disable

Disable reliable logging to FortiAnalyzer.

priority

Set log transmission priority.

option

-

Option

Description

default

Set FortiAnalyzer log transmission priority to default.

low

Set FortiAnalyzer log transmission priority to low.

max-log-rate

FortiAnalyzer maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

Option

Description

auto

Set outgoing interface automatically.

sdwan

Set outgoing interface by SD-WAN or policy routing rules.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15