Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    7.6.6
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.19
    7.0.18
    7.0.17
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.16
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.17
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config log fortianalyzer2 override-setting

    config log fortianalyzer2 override-setting

    Override FortiAnalyzer settings.

    config log fortianalyzer2 override-setting
    Description: Override FortiAnalyzer settings.
    set access-config [enable|disable]
    set alt-server {string}
    set certificate {string}
    set certificate-verification [enable|disable]
    set conn-timeout {integer}
    set enc-algorithm [high-medium|high|...]
    set fallback-to-primary [enable|disable]
    set hmac-algorithm {option}
    set interface {string}
    set interface-select-method [auto|sdwan|...]
    set ips-archive [enable|disable]
    set max-log-rate {integer}
    set monitor-failure-retry-period {integer}
    set monitor-keepalive-period {integer}
    set preshared-key {string}
    set priority [default|low]
    set reliable [enable|disable]
    set serial <name1>, <name2>, ...
    set server {string}
    set server-cert-ca {string}
    set source-ip {string}
    set ssl-min-proto-version [default|SSLv3|...]
    set status [enable|disable]
    set upload-day {user}
    set upload-interval [daily|weekly|...]
    set upload-option [store-and-upload|realtime|...]
    set upload-time {user}
    set use-management-vdom [enable|disable]
    set vrf-select {integer}
end

    config log fortianalyzer2 override-setting

    Parameter

    Description

    Type

    Size

    Default

    access-config

    Enable/disable FortiAnalyzer access to configuration and data.

    option

    -

    enable

    Option

    Description

    enable

    Enable FortiAnalyzer access to configuration and data.

    disable

    Disable FortiAnalyzer access to configuration and data.

    alt-server

    Alternate FortiAnalyzer.

    string

    Maximum length: 127

    certificate

    Certificate used to communicate with FortiAnalyzer.

    string

    Maximum length: 35

    certificate-verification

    Enable/disable identity verification of FortiAnalyzer by use of certificate.

    option

    -

    enable

    Option

    Description

    enable

    Enable identity verification of FortiAnalyzer by use of certificate.

    disable

    Disable identity verification of FortiAnalyzer by use of certificate.

    conn-timeout

    FortiAnalyzer connection time-out in seconds (for status and log buffer).

    integer

    Minimum value: 1 Maximum value: 3600

    10

    enc-algorithm

    Configure the level of SSL protection for secure communication with FortiAnalyzer.

    option

    -

    high

    Option

    Description

    high-medium

    Encrypt logs using high and medium encryption algorithms.

    high

    Encrypt logs using high encryption algorithms.

    low

    Encrypt logs using all encryption algorithms.

    fallback-to-primary

    Enable/disable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available.

    option

    -

    enable

    Option

    Description

    enable

    Enable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available.

    disable

    Disable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available.

    hmac-algorithm

    OFTP login hash algorithm.

    option

    -

    sha256

    Option

    Description

    sha256

    Use SHA256 as HMAC algorithm.

    interface

    Specify outgoing interface to reach server.

    string

    Maximum length: 15

    interface-select-method

    Specify how to select outgoing interface to reach server.

    option

    -

    auto

    Option

    Description

    auto

    Set outgoing interface automatically.

    sdwan

    Set outgoing interface by SD-WAN or policy routing rules.

    specify

    Set outgoing interface manually.

    ips-archive

    Enable/disable IPS packet archive logging.

    option

    -

    enable

    Option

    Description

    enable

    Enable IPS packet archive logging.

    disable

    Disable IPS packet archive logging.

    max-log-rate

    FortiAnalyzer maximum log rate in MBps (0 = unlimited).

    integer

    Minimum value: 0 Maximum value: 100000

    0

    monitor-failure-retry-period

    Time between FortiAnalyzer connection retries in seconds (for status and log buffer).

    integer

    Minimum value: 1 Maximum value: 86400

    5

    monitor-keepalive-period

    Time between OFTP keepalives in seconds (for status and log buffer).

    integer

    Minimum value: 1 Maximum value: 120

    5

    preshared-key

    Preshared-key used for auto-authorization on FortiAnalyzer.

    string

    Maximum length: 63

    priority

    Set log transmission priority.

    option

    -

    default

    Option

    Description

    default

    Set FortiAnalyzer log transmission priority to default.

    low

    Set FortiAnalyzer log transmission priority to low.

    reliable

    Enable/disable reliable logging to FortiAnalyzer.

    option

    -

    disable

    Option

    Description

    enable

    Enable reliable logging to FortiAnalyzer.

    disable

    Disable reliable logging to FortiAnalyzer.

    serial <name>

    Serial numbers of the FortiAnalyzer.

    Serial Number.

    string

    Maximum length: 79

    server

    The remote FortiAnalyzer.

    string

    Maximum length: 127

    server-cert-ca

    Mandatory CA on FortiGate in certificate chain of server.

    string

    Maximum length: 79

    source-ip

    Source IPv4 or IPv6 address used to communicate with FortiAnalyzer.

    string

    Maximum length: 63

    ssl-min-proto-version

    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).

    option

    -

    default

    Option

    Description

    default

    Follow system global setting.

    SSLv3

    SSLv3.

    TLSv1

    TLSv1.

    TLSv1-1

    TLSv1.1.

    TLSv1-2

    TLSv1.2.

    TLSv1-3

    TLSv1.3.

    status

    Enable/disable logging to FortiAnalyzer.

    option

    -

    disable

    Option

    Description

    enable

    Enable logging to FortiAnalyzer.

    disable

    Disable logging to FortiAnalyzer.

    upload-day

    Day of week (month) to upload logs.

    user

    Not Specified

    upload-interval

    Frequency to upload log files to FortiAnalyzer.

    option

    -

    daily

    Option

    Description

    daily

    Upload log files to FortiAnalyzer once a day.

    weekly

    Upload log files to FortiAnalyzer once a week.

    monthly

    Upload log files to FortiAnalyzer once a month.

    upload-option

    Enable/disable logging to hard disk and then uploading to FortiAnalyzer.

    option

    -

    5-minute

    Option

    Description

    store-and-upload

    Log to hard disk and then upload to FortiAnalyzer.

    realtime

    Log directly to FortiAnalyzer in real time.

    1-minute

    Log directly to FortiAnalyzer at least every 1 minute.

    5-minute

    Log directly to FortiAnalyzer at least every 5 minutes.

    upload-time

    Time to upload logs (hh:mm).

    user

    Not Specified

    use-management-vdom

    Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

    option

    -

    disable

    Option

    Description

    enable

    Enable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

    disable

    Disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

    vrf-select

    VRF ID used for connection to server.

    integer

    Minimum value: 0 Maximum value: 511

    0
    Previous
    Next

    config log fortianalyzer2 override-setting

    config log fortianalyzer2 override-setting

    Override FortiAnalyzer settings.

    config log fortianalyzer2 override-setting
    Description: Override FortiAnalyzer settings.
    set access-config [enable|disable]
    set alt-server {string}
    set certificate {string}
    set certificate-verification [enable|disable]
    set conn-timeout {integer}
    set enc-algorithm [high-medium|high|...]
    set fallback-to-primary [enable|disable]
    set hmac-algorithm {option}
    set interface {string}
    set interface-select-method [auto|sdwan|...]
    set ips-archive [enable|disable]
    set max-log-rate {integer}
    set monitor-failure-retry-period {integer}
    set monitor-keepalive-period {integer}
    set preshared-key {string}
    set priority [default|low]
    set reliable [enable|disable]
    set serial <name1>, <name2>, ...
    set server {string}
    set server-cert-ca {string}
    set source-ip {string}
    set ssl-min-proto-version [default|SSLv3|...]
    set status [enable|disable]
    set upload-day {user}
    set upload-interval [daily|weekly|...]
    set upload-option [store-and-upload|realtime|...]
    set upload-time {user}
    set use-management-vdom [enable|disable]
    set vrf-select {integer}
end

    config log fortianalyzer2 override-setting

    Parameter

    Description

    Type

    Size

    Default

    access-config

    Enable/disable FortiAnalyzer access to configuration and data.

    option

    -

    enable

    Option

    Description

    enable

    Enable FortiAnalyzer access to configuration and data.

    disable

    Disable FortiAnalyzer access to configuration and data.

    alt-server

    Alternate FortiAnalyzer.

    string

    Maximum length: 127

    certificate

    Certificate used to communicate with FortiAnalyzer.

    string

    Maximum length: 35

    certificate-verification

    Enable/disable identity verification of FortiAnalyzer by use of certificate.

    option

    -

    enable

    Option

    Description

    enable

    Enable identity verification of FortiAnalyzer by use of certificate.

    disable

    Disable identity verification of FortiAnalyzer by use of certificate.

    conn-timeout

    FortiAnalyzer connection time-out in seconds (for status and log buffer).

    integer

    Minimum value: 1 Maximum value: 3600

    10

    enc-algorithm

    Configure the level of SSL protection for secure communication with FortiAnalyzer.

    option

    -

    high

    Option

    Description

    high-medium

    Encrypt logs using high and medium encryption algorithms.

    high

    Encrypt logs using high encryption algorithms.

    low

    Encrypt logs using all encryption algorithms.

    fallback-to-primary

    Enable/disable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available.

    option

    -

    enable

    Option

    Description

    enable

    Enable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available.

    disable

    Disable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available.

    hmac-algorithm

    OFTP login hash algorithm.

    option

    -

    sha256

    Option

    Description

    sha256

    Use SHA256 as HMAC algorithm.

    interface

    Specify outgoing interface to reach server.

    string

    Maximum length: 15

    interface-select-method

    Specify how to select outgoing interface to reach server.

    option

    -

    auto

    Option

    Description

    auto

    Set outgoing interface automatically.

    sdwan

    Set outgoing interface by SD-WAN or policy routing rules.

    specify

    Set outgoing interface manually.

    ips-archive

    Enable/disable IPS packet archive logging.

    option

    -

    enable

    Option

    Description

    enable

    Enable IPS packet archive logging.

    disable

    Disable IPS packet archive logging.

    max-log-rate

    FortiAnalyzer maximum log rate in MBps (0 = unlimited).

    integer

    Minimum value: 0 Maximum value: 100000

    0

    monitor-failure-retry-period

    Time between FortiAnalyzer connection retries in seconds (for status and log buffer).

    integer

    Minimum value: 1 Maximum value: 86400

    5

    monitor-keepalive-period

    Time between OFTP keepalives in seconds (for status and log buffer).

    integer

    Minimum value: 1 Maximum value: 120

    5

    preshared-key

    Preshared-key used for auto-authorization on FortiAnalyzer.

    string

    Maximum length: 63

    priority

    Set log transmission priority.

    option

    -

    default

    Option

    Description

    default

    Set FortiAnalyzer log transmission priority to default.

    low

    Set FortiAnalyzer log transmission priority to low.

    reliable

    Enable/disable reliable logging to FortiAnalyzer.

    option

    -

    disable

    Option

    Description

    enable

    Enable reliable logging to FortiAnalyzer.

    disable

    Disable reliable logging to FortiAnalyzer.

    serial <name>

    Serial numbers of the FortiAnalyzer.

    Serial Number.

    string

    Maximum length: 79

    server

    The remote FortiAnalyzer.

    string

    Maximum length: 127

    server-cert-ca

    Mandatory CA on FortiGate in certificate chain of server.

    string

    Maximum length: 79

    source-ip

    Source IPv4 or IPv6 address used to communicate with FortiAnalyzer.

    string

    Maximum length: 63

    ssl-min-proto-version

    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).

    option

    -

    default

    Option

    Description

    default

    Follow system global setting.

    SSLv3

    SSLv3.

    TLSv1

    TLSv1.

    TLSv1-1

    TLSv1.1.

    TLSv1-2

    TLSv1.2.

    TLSv1-3

    TLSv1.3.

    status

    Enable/disable logging to FortiAnalyzer.

    option

    -

    disable

    Option

    Description

    enable

    Enable logging to FortiAnalyzer.

    disable

    Disable logging to FortiAnalyzer.

    upload-day

    Day of week (month) to upload logs.

    user

    Not Specified

    upload-interval

    Frequency to upload log files to FortiAnalyzer.

    option

    -

    daily

    Option

    Description

    daily

    Upload log files to FortiAnalyzer once a day.

    weekly

    Upload log files to FortiAnalyzer once a week.

    monthly

    Upload log files to FortiAnalyzer once a month.

    upload-option

    Enable/disable logging to hard disk and then uploading to FortiAnalyzer.

    option

    -

    5-minute

    Option

    Description

    store-and-upload

    Log to hard disk and then upload to FortiAnalyzer.

    realtime

    Log directly to FortiAnalyzer in real time.

    1-minute

    Log directly to FortiAnalyzer at least every 1 minute.

    5-minute

    Log directly to FortiAnalyzer at least every 5 minutes.

    upload-time

    Time to upload logs (hh:mm).

    user

    Not Specified

    use-management-vdom

    Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

    option

    -

    disable

    Option

    Description

    enable

    Enable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

    disable

    Disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.

    vrf-select

    VRF ID used for connection to server.

    integer

    Minimum value: 0 Maximum value: 511

    0
    Previous
    Next