config log fortianalyzer setting
Global FortiAnalyzer settings.
config log fortianalyzer setting Description: Global FortiAnalyzer settings. set status [enable|disable] set ips-archive [enable|disable] set server {string} set alt-server {string} set fallback-to-primary [enable|disable] set certificate-verification [enable|disable] set serial <name1>, <name2>, ... set server-cert-ca {string} set preshared-key {string} set access-config [enable|disable] set hmac-algorithm [sha256|sha1] set enc-algorithm [high-medium|high|...] set ssl-min-proto-version [default|SSLv3|...] set conn-timeout {integer} set monitor-keepalive-period {integer} set monitor-failure-retry-period {integer} set certificate {string} set source-ip {string} set upload-option [store-and-upload|realtime|...] set upload-interval [daily|weekly|...] set upload-day {user} set upload-time {user} set reliable [enable|disable] set priority [default|low] set max-log-rate {integer} set interface-select-method [auto|specify] set interface {string} end
config log fortianalyzer setting
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
status |
Enable/disable logging to FortiAnalyzer. |
option |
- |
disable |
||||||||||||||
|
|
|||||||||||||||||
ips-archive |
Enable/disable IPS packet archive logging. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
server |
The remote FortiAnalyzer. |
string |
Maximum length: 127 |
|
||||||||||||||
alt-server |
Alternate FortiAnalyzer. |
string |
Maximum length: 127 |
|
||||||||||||||
fallback-to-primary |
Enable/disable this FortiGate unit to fallback to the primary FortiAnalyzer when it is available. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
certificate-verification |
Enable/disable identity verification of FortiAnalyzer by use of certificate. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
serial |
Serial numbers of the FortiAnalyzer. Serial Number. |
string |
Maximum length: 79 |
|
||||||||||||||
server-cert-ca |
Mandatory CA on FortiGate in certificate chain of server. |
string |
Maximum length: 79 |
|
||||||||||||||
preshared-key |
Preshared-key used for auto-authorization on FortiAnalyzer. |
string |
Maximum length: 63 |
|
||||||||||||||
access-config |
Enable/disable FortiAnalyzer access to configuration and data. |
option |
- |
enable |
||||||||||||||
|
|
|||||||||||||||||
hmac-algorithm |
OFTP login hash algorithm. |
option |
- |
sha256 |
||||||||||||||
|
|
|||||||||||||||||
enc-algorithm |
Configure the level of SSL protection for secure communication with FortiAnalyzer. |
option |
- |
high |
||||||||||||||
|
|
|||||||||||||||||
ssl-min-proto-version |
Minimum supported protocol version for SSL/TLS connections. |
option |
- |
default |
||||||||||||||
|
|
|||||||||||||||||
conn-timeout |
FortiAnalyzer connection time-out in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 3600 |
10 |
||||||||||||||
monitor-keepalive-period |
Time between OFTP keepalives in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 120 |
5 |
||||||||||||||
monitor-failure-retry-period |
Time between FortiAnalyzer connection retries in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 86400 |
5 |
||||||||||||||
certificate |
Certificate used to communicate with FortiAnalyzer. |
string |
Maximum length: 35 |
|
||||||||||||||
source-ip |
Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. |
string |
Maximum length: 63 |
|
||||||||||||||
upload-option |
Enable/disable logging to hard disk and then uploading to FortiAnalyzer. |
option |
- |
5-minute |
||||||||||||||
|
|
|||||||||||||||||
upload-interval |
Frequency to upload log files to FortiAnalyzer. |
option |
- |
daily |
||||||||||||||
|
|
|||||||||||||||||
upload-day |
Day of week (month) to upload logs. |
user |
Not Specified |
|
||||||||||||||
upload-time |
Time to upload logs (hh:mm). |
user |
Not Specified |
|
||||||||||||||
reliable |
Enable/disable reliable logging to FortiAnalyzer. |
option |
- |
disable |
||||||||||||||
|
|
|||||||||||||||||
priority |
Set log transmission priority. |
option |
- |
default |
||||||||||||||
|
|
|||||||||||||||||
max-log-rate |
FortiAnalyzer maximum log rate in MBps (0 = unlimited). |
integer |
Minimum value: 0 Maximum value: 100000 |
0 |
||||||||||||||
interface-select-method |
Specify how to select outgoing interface to reach server. |
option |
- |
auto |
||||||||||||||
|
|
|||||||||||||||||
interface |
Specify outgoing interface to reach server. |
string |
Maximum length: 15 |
|