config log fortianalyzer setting
Global FortiAnalyzer settings.
config log fortianalyzer setting
Description: Global FortiAnalyzer settings.
set status [enable|disable]
set ips-archive [enable|disable]
set server {string}
set certificate-verification [enable|disable]
set serial <name1>, <name2>, ...
set preshared-key {string}
set access-config [enable|disable]
set hmac-algorithm [sha256|sha1]
set enc-algorithm [high-medium|high|...]
set ssl-min-proto-version [default|SSLv3|...]
set conn-timeout {integer}
set monitor-keepalive-period {integer}
set monitor-failure-retry-period {integer}
set certificate {string}
set source-ip {string}
set upload-option [store-and-upload|realtime|...]
set upload-interval [daily|weekly|...]
set upload-day {user}
set upload-time {user}
set reliable [enable|disable]
set priority [default|low]
set max-log-rate {integer}
set interface-select-method [auto|sdwan|...]
set interface {string}
end
config log fortianalyzer setting
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
status |
Enable/disable logging to FortiAnalyzer. |
option |
- |
disable |
||||||||||||||
|
|
|||||||||||||||||
ips-archive |
Enable/disable IPS packet archive logging. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
server |
The remote FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||||
certificate-verification |
Enable/disable identity verification of FortiAnalyzer by use of certificate. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
serial |
Serial numbers of the FortiAnalyzer. Serial Number. |
string |
Maximum length: 79 |
|
||||||||||||||
preshared-key |
Preshared-key used for auto-authorization on FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||||
access-config |
Enable/disable FortiAnalyzer access to configuration and data. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
hmac-algorithm |
OFTP login hash algorithm. |
option |
- |
sha256 |
||||||||||||||
|
|
|||||||||||||||||
enc-algorithm |
Configure the level of SSL protection for secure communication with FortiAnalyzer. |
option |
- |
high |
||||||||||||||
|
|
|||||||||||||||||
ssl-min-proto-version |
Minimum supported protocol version for SSL/TLS connections . |
option |
- |
default |
||||||||||||||
|
|
|||||||||||||||||
conn-timeout |
FortiAnalyzer connection time-out in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 3600 |
10 |
||||||||||||||
monitor-keepalive-period |
Time between OFTP keepalives in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 120 |
5 |
||||||||||||||
monitor-failure-retry-period |
Time between FortiAnalyzer connection retries in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 86400 |
5 |
||||||||||||||
certificate |
Certificate used to communicate with FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||||
source-ip |
Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||||
upload-option |
Enable/disable logging to hard disk and then uploading to FortiAnalyzer. |
option |
- |
5-minute |
||||||||||||||
|
|
|||||||||||||||||
upload-interval |
Frequency to upload log files to FortiAnalyzer. |
option |
- |
daily |
||||||||||||||
|
|
|||||||||||||||||
upload-day |
Day of week (month) to upload logs. |
user |
Not Specified |
|
||||||||||||||
upload-time |
Time to upload logs (hh:mm). |
user |
Not Specified |
|
||||||||||||||
reliable |
Enable/disable reliable logging to FortiAnalyzer. |
option |
- |
disable |
||||||||||||||
|
|
|||||||||||||||||
priority |
Set log transmission priority. |
option |
- |
default |
||||||||||||||
|
|
|||||||||||||||||
max-log-rate |
FortiAnalyzer maximum log rate in MBps (0 = unlimited). |
integer |
Minimum value: 0 Maximum value: 100000 |
0 |
||||||||||||||
interface-select-method |
Specify how to select outgoing interface to reach server. |
option |
- |
auto |
||||||||||||||
|
|
|||||||||||||||||
interface |
Specify outgoing interface to reach server. |
string |
Not Specified |
|