Fortinet black logo

Administration Guide

Monitoring performance SLA

SD-WAN diagnostics can be used to help maintain your SD-WAN solution.

Monitoring SD-WAN link quality status

Link quality plays a significant role in link selection for SD-WAN. Investigate any prolonged issues with packet loss, latency, or jitter to ensure that your network does not experience degraded performance or an outage.

You can monitor the link quality status of SD-WAN interface members by going to Network > SD-WAN and selecting the Performance SLAs tab.

The live charts show the packet loss, latency, or jitter for the selected health check. Hover the cursor over a line in the chart to see the specific value for that interface at that specific time.

The table shows information about each health check, including the configured servers, link quality data, and thresholds. The colored arrow indicates the status of the interface when the last status check was performed: green means that the interface was active, and red means that the interface was inactive. Hover the cursor over the arrow for additional information.

Monitoring system event logs

The features adds an SD-WAN daemon function to keep a short, 10 minute history of SLA that can be viewed in the CLI.

Performance SLA results related to interface selection, session failover, and other information, can be logged. These logs can then be used for long-term monitoring of traffic issues at remote sites, and for reports and views in FortiAnalyzer.

The time intervals that Performance SLA fail and pass logs are generated in can be configured.

To configure the fail and pass logs' generation time interval:
config system sdwan
    config health-check
        edit "PingSLA"
            set sla-fail-log-period 30
            set sla-pass-log-period 60
        next
    end
end
To view the 10 minute Performance SLA link status history:
FGDocs # diagnose sys sdwan sla-log PingSLA 1
Timestamp: Fri Sep  4 10:32:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 4.455, jitter: 0.430, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:32:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 4.461, jitter: 0.436, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:32:38 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 4.488, jitter: 0.415, packet loss: 0.000%.
...
Timestamp: Fri Sep  4 10:42:36 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 6.280, jitter: 0.302, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:42:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 6.261, jitter: 0.257, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:42:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 6.229, jitter: 0.245, packet loss: 0.000%.

SLA pass logs

The FortiGate generates Performance SLA logs at the specified pass log interval (sla-pass-log-period) when SLA passes.

date="2021-04-15" time="10:04:56" id=6951431609690095758 bid=52507 dvid=1047 itime=1618506296 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="information" msg="Health Check SLA status." logdesc="SDWAN SLA information" status="up" interface="port1" eventtime=1618506296222639301 tz="-0700" eventtype="SLA" jitter="0.277" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="1.000%" latency="186.071" slamap="0x1" healthcheck="BusinessCritical_CloudApps" slatargetid=1 outbandwidthused="40kbps" inbandwidthused="24kbps" bibandwidthused="64kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_01" csf="fabric"
date="2021-04-15" time="10:04:56" id=6951431609690095759 bid=52507 dvid=1047 itime=1618506296 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="information" msg="Health Check SLA status." logdesc="SDWAN SLA information" status="up" interface="port2" eventtime=1618506296223163068 tz="-0700" eventtype="SLA" jitter="0.204" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="0.000%" latency="185.939" slamap="0x1" healthcheck="BusinessCritical_CloudApps" slatargetid=1 outbandwidthused="142kbps" inbandwidthused="23kbps" bibandwidthused="165kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_01" csf="fabric"

In the FortiAnalyzer GUI:

SLA fail logs

The FortiGate generates Performance SLA logs at the specified fail log interval (sla-fail-log-period) when SLA fails.

date="2021-04-15" time="10:04:59" id=6951431618280030243 bid=52507 dvid=1047 itime=1618506298 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="notice" msg="Health Check SLA status. SLA failed due to being over the performance metric threshold." logdesc="SDWAN SLA information" status="down" interface="To-HQ-MPLS" eventtime=1618506299718862835 tz="-0700" eventtype="SLA" jitter="0.000" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="100.000%" latency="0.000" slamap="0x0" healthcheck="BusinessCritical_CloudApps" slatargetid=1 metric="packetloss" outbandwidthused="0kbps" inbandwidthused="0kbps" bibandwidthused="0kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_01" csf="fabric"
date="2021-04-15" time="10:05:03" id=6951431639754866704 bid=52514 dvid=1046 itime=1618506303 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="notice" msg="Health Check SLA status. SLA failed due to being over the performance metric threshold." logdesc="SDWAN SLA information" status="down" interface="To-HQ-MPLS" eventtime=1618506304085863643 tz="-0700" eventtype="SLA" jitter="0.000" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="100.000%" latency="0.000" slamap="0x0" healthcheck="BusinessCritical_CloudApps" slatargetid=1 metric="packetloss" outbandwidthused="6kbps" inbandwidthused="3kbps" bibandwidthused="9kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_02" csf="fabric"

In the FortiAnalyzer GUI:

Monitoring using the REST API

SLA log and interface information can be monitored using the REST API. This feature is also used by FortiManager as part of its detailed SLA monitoring and drilldown features.

API call

URL

Interface log

https://172.172.172.9/api/v2/monitor/virtual-wan/interface-log

SLA log

https://172.172.172.9/api/v2/monitor/virtual-wan/sla-log

Health check log

https://172.172.172.9/api/v2/monitor/virtual-wan/health-check

A comprehensive list of API calls with sample output is available on the Fortinet Developer Network.

CLI diagnose commands:
# diagnose sys sdwan intf-sla-log port13
    Timestamp: Wed Jan 9 18:33:49 2019, used inbandwidth: 3208bps, used outbandwidth: 3453bps, used bibandwidth: 6661bps, tx bytes: 947234bytes, rx bytes: 898622bytes.
    Timestamp: Wed Jan 9 18:33:59 2019, used inbandwidth: 3317bps, used outbandwidth: 3450bps, used bibandwidth: 6767bps, tx bytes: 951284bytes, rx bytes: 902937bytes.
    Timestamp: Wed Jan 9 18:34:09 2019, used inbandwidth: 3302bps, used outbandwidth: 3389bps, used bibandwidth: 6691bps, tx bytes: 956268bytes, rx bytes: 907114bytes.
    Timestamp: Wed Jan 9 18:34:19 2019, used inbandwidth: 3279bps, used outbandwidth: 3352bps, used bibandwidth: 6631bps, tx bytes: 958920bytes, rx bytes: 910793bytes.
    Timestamp: Wed Jan 9 18:34:29 2019, used inbandwidth: 3233bps, used outbandwidth: 3371bps, used bibandwidth: 6604bps, tx bytes: 964374bytes, rx bytes: 914854bytes.
    Timestamp: Wed Jan 9 18:34:39 2019, used inbandwidth: 3235bps, used outbandwidth: 3362bps, used bibandwidth: 6597bps, tx bytes: 968250bytes, rx bytes: 918846bytes.
    Timestamp: Wed Jan 9 18:34:49 2019, used inbandwidth: 3165bps, used outbandwidth: 3362bps, used bibandwidth: 6527bps, tx bytes: 972298bytes, rx bytes: 922724bytes.
    Timestamp: Wed Jan 9 18:34:59 2019, used inbandwidth: 3184bps, used outbandwidth: 3362bps, used bibandwidth: 6546bps, tx bytes: 977282bytes, rx bytes: 927019bytes.			
# diagnose sys sdwan sla-log ping 1 spoke11-p1_0
    Timestamp: Wed Mar  3 15:35:20 2021, vdom root, health-check ping, interface: spoke11-p1_0, status: up, latency: 0.135, jitter: 0.029, packet loss: 0.000%.

# diagnose sys sdwan sla-log ping 2 spoke12-p1_0
    Timestamp: Wed Mar  3 15:36:08 2021, vdom root, health-check ping, interface: spoke12-p1_0, status: up, latency: 0.095, jitter: 0.010, packet loss: 0.000%.
# diagnose sys sdwan health-check
    Health Check(ping):
    Seq(1 spoke11-p1): state(alive), packet-loss(0.000%) latency(0.156), jitter(0.043) sla_map=0x1
    Seq(1 spoke11-p1_0): state(alive), packet-loss(0.000%) latency(0.128), jitter(0.024) sla_map=0x1
    Seq(2 spoke12-p1): state(alive), packet-loss(0.000%) latency(0.125), jitter(0.028) sla_map=0x1
    Seq(2 spoke12-p1_0): state(alive), packet-loss(0.000%) latency(0.093), jitter(0.008) sla_map=0x1

SD-WAN diagnostics can be used to help maintain your SD-WAN solution.

Monitoring SD-WAN link quality status

Link quality plays a significant role in link selection for SD-WAN. Investigate any prolonged issues with packet loss, latency, or jitter to ensure that your network does not experience degraded performance or an outage.

You can monitor the link quality status of SD-WAN interface members by going to Network > SD-WAN and selecting the Performance SLAs tab.

The live charts show the packet loss, latency, or jitter for the selected health check. Hover the cursor over a line in the chart to see the specific value for that interface at that specific time.

The table shows information about each health check, including the configured servers, link quality data, and thresholds. The colored arrow indicates the status of the interface when the last status check was performed: green means that the interface was active, and red means that the interface was inactive. Hover the cursor over the arrow for additional information.

Monitoring system event logs

The features adds an SD-WAN daemon function to keep a short, 10 minute history of SLA that can be viewed in the CLI.

Performance SLA results related to interface selection, session failover, and other information, can be logged. These logs can then be used for long-term monitoring of traffic issues at remote sites, and for reports and views in FortiAnalyzer.

The time intervals that Performance SLA fail and pass logs are generated in can be configured.

To configure the fail and pass logs' generation time interval:
config system sdwan
    config health-check
        edit "PingSLA"
            set sla-fail-log-period 30
            set sla-pass-log-period 60
        next
    end
end
To view the 10 minute Performance SLA link status history:
FGDocs # diagnose sys sdwan sla-log PingSLA 1
Timestamp: Fri Sep  4 10:32:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 4.455, jitter: 0.430, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:32:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 4.461, jitter: 0.436, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:32:38 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 4.488, jitter: 0.415, packet loss: 0.000%.
...
Timestamp: Fri Sep  4 10:42:36 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 6.280, jitter: 0.302, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:42:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 6.261, jitter: 0.257, packet loss: 0.000%.
Timestamp: Fri Sep  4 10:42:37 2020, vdom root, health-check PingSLA, interface: wan2, status: up, latency: 6.229, jitter: 0.245, packet loss: 0.000%.

SLA pass logs

The FortiGate generates Performance SLA logs at the specified pass log interval (sla-pass-log-period) when SLA passes.

date="2021-04-15" time="10:04:56" id=6951431609690095758 bid=52507 dvid=1047 itime=1618506296 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="information" msg="Health Check SLA status." logdesc="SDWAN SLA information" status="up" interface="port1" eventtime=1618506296222639301 tz="-0700" eventtype="SLA" jitter="0.277" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="1.000%" latency="186.071" slamap="0x1" healthcheck="BusinessCritical_CloudApps" slatargetid=1 outbandwidthused="40kbps" inbandwidthused="24kbps" bibandwidthused="64kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_01" csf="fabric"
date="2021-04-15" time="10:04:56" id=6951431609690095759 bid=52507 dvid=1047 itime=1618506296 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="information" msg="Health Check SLA status." logdesc="SDWAN SLA information" status="up" interface="port2" eventtime=1618506296223163068 tz="-0700" eventtype="SLA" jitter="0.204" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="0.000%" latency="185.939" slamap="0x1" healthcheck="BusinessCritical_CloudApps" slatargetid=1 outbandwidthused="142kbps" inbandwidthused="23kbps" bibandwidthused="165kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_01" csf="fabric"

In the FortiAnalyzer GUI:

SLA fail logs

The FortiGate generates Performance SLA logs at the specified fail log interval (sla-fail-log-period) when SLA fails.

date="2021-04-15" time="10:04:59" id=6951431618280030243 bid=52507 dvid=1047 itime=1618506298 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="notice" msg="Health Check SLA status. SLA failed due to being over the performance metric threshold." logdesc="SDWAN SLA information" status="down" interface="To-HQ-MPLS" eventtime=1618506299718862835 tz="-0700" eventtype="SLA" jitter="0.000" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="100.000%" latency="0.000" slamap="0x0" healthcheck="BusinessCritical_CloudApps" slatargetid=1 metric="packetloss" outbandwidthused="0kbps" inbandwidthused="0kbps" bibandwidthused="0kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_01" csf="fabric"
date="2021-04-15" time="10:05:03" id=6951431639754866704 bid=52514 dvid=1046 itime=1618506303 euid=3 epid=3 dsteuid=3 dstepid=3 logver=700000066 logid="0113022925" type="event" subtype="sdwan" level="notice" msg="Health Check SLA status. SLA failed due to being over the performance metric threshold." logdesc="SDWAN SLA information" status="down" interface="To-HQ-MPLS" eventtime=1618506304085863643 tz="-0700" eventtype="SLA" jitter="0.000" inbandwidthavailable="10.00Gbps" outbandwidthavailable="10.00Gbps" bibandwidthavailable="20.00Gbps" packetloss="100.000%" latency="0.000" slamap="0x0" healthcheck="BusinessCritical_CloudApps" slatargetid=1 metric="packetloss" outbandwidthused="6kbps" inbandwidthused="3kbps" bibandwidthused="9kbps" devid="FGVM02TM20000000" vd="root" devname="Branch_Office_02" csf="fabric"

In the FortiAnalyzer GUI:

Monitoring using the REST API

SLA log and interface information can be monitored using the REST API. This feature is also used by FortiManager as part of its detailed SLA monitoring and drilldown features.

API call

URL

Interface log

https://172.172.172.9/api/v2/monitor/virtual-wan/interface-log

SLA log

https://172.172.172.9/api/v2/monitor/virtual-wan/sla-log

Health check log

https://172.172.172.9/api/v2/monitor/virtual-wan/health-check

A comprehensive list of API calls with sample output is available on the Fortinet Developer Network.

CLI diagnose commands:
# diagnose sys sdwan intf-sla-log port13
    Timestamp: Wed Jan 9 18:33:49 2019, used inbandwidth: 3208bps, used outbandwidth: 3453bps, used bibandwidth: 6661bps, tx bytes: 947234bytes, rx bytes: 898622bytes.
    Timestamp: Wed Jan 9 18:33:59 2019, used inbandwidth: 3317bps, used outbandwidth: 3450bps, used bibandwidth: 6767bps, tx bytes: 951284bytes, rx bytes: 902937bytes.
    Timestamp: Wed Jan 9 18:34:09 2019, used inbandwidth: 3302bps, used outbandwidth: 3389bps, used bibandwidth: 6691bps, tx bytes: 956268bytes, rx bytes: 907114bytes.
    Timestamp: Wed Jan 9 18:34:19 2019, used inbandwidth: 3279bps, used outbandwidth: 3352bps, used bibandwidth: 6631bps, tx bytes: 958920bytes, rx bytes: 910793bytes.
    Timestamp: Wed Jan 9 18:34:29 2019, used inbandwidth: 3233bps, used outbandwidth: 3371bps, used bibandwidth: 6604bps, tx bytes: 964374bytes, rx bytes: 914854bytes.
    Timestamp: Wed Jan 9 18:34:39 2019, used inbandwidth: 3235bps, used outbandwidth: 3362bps, used bibandwidth: 6597bps, tx bytes: 968250bytes, rx bytes: 918846bytes.
    Timestamp: Wed Jan 9 18:34:49 2019, used inbandwidth: 3165bps, used outbandwidth: 3362bps, used bibandwidth: 6527bps, tx bytes: 972298bytes, rx bytes: 922724bytes.
    Timestamp: Wed Jan 9 18:34:59 2019, used inbandwidth: 3184bps, used outbandwidth: 3362bps, used bibandwidth: 6546bps, tx bytes: 977282bytes, rx bytes: 927019bytes.			
# diagnose sys sdwan sla-log ping 1 spoke11-p1_0
    Timestamp: Wed Mar  3 15:35:20 2021, vdom root, health-check ping, interface: spoke11-p1_0, status: up, latency: 0.135, jitter: 0.029, packet loss: 0.000%.

# diagnose sys sdwan sla-log ping 2 spoke12-p1_0
    Timestamp: Wed Mar  3 15:36:08 2021, vdom root, health-check ping, interface: spoke12-p1_0, status: up, latency: 0.095, jitter: 0.010, packet loss: 0.000%.
# diagnose sys sdwan health-check
    Health Check(ping):
    Seq(1 spoke11-p1): state(alive), packet-loss(0.000%) latency(0.156), jitter(0.043) sla_map=0x1
    Seq(1 spoke11-p1_0): state(alive), packet-loss(0.000%) latency(0.128), jitter(0.024) sla_map=0x1
    Seq(2 spoke12-p1): state(alive), packet-loss(0.000%) latency(0.125), jitter(0.028) sla_map=0x1
    Seq(2 spoke12-p1_0): state(alive), packet-loss(0.000%) latency(0.093), jitter(0.008) sla_map=0x1