Fortinet white logo
Fortinet white logo

CLI Reference

log fortianalyzer2 override-setting

Override FortiAnalyzer settings.

  config log fortianalyzer2 override-setting
      Description: Override FortiAnalyzer settings.
      set faz-type {integer}
      set override [enable|disable]
      set use-management-vdom [enable|disable]
      set status [enable|disable]
      set ips-archive [enable|disable]
      set server {string}
      set certificate-verification [enable|disable]
      set serial <name1>, <name2>, ...
      set access-config [enable|disable]
      set hmac-algorithm [sha256|sha1]
      set enc-algorithm [high-medium|high|...]
      set ssl-min-proto-version [default|SSLv3|...]
      set conn-timeout {integer}
      set monitor-keepalive-period {integer}
      set monitor-failure-retry-period {integer}
      set mgmt-name {string}
      set certificate {string}
      set source-ip {string}
      set __change_ip {integer}
      set upload-option [store-and-upload|realtime|...]
      set upload-interval [daily|weekly|...]
      set upload-day {user}
      set upload-time {user}
      set reliable [enable|disable]
  end

config log fortianalyzer2 override-setting

Parameter Name Description Type Size
faz-type Hidden setting index of FortiAnalyzer. integer Minimum value: 0 Maximum value: 4294967295
override Enable/disable overriding FortiAnalyzer settings or use global settings.
enable: Override FortiAnalyzer.
disable: Do not override FortiAnalyzer.
option -
use-management-vdom Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
enable: Enable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
disable: Disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
option -
status Enable/disable logging to FortiAnalyzer.
enable: Enable logging to FortiAnalyzer.
disable: Disable logging to FortiAnalyzer.
option -
ips-archive Enable/disable IPS packet archive logging.
enable: Enable IPS packet archive logging.
disable: Disable IPS packet archive logging.
option -
server The remote FortiAnalyzer. string Maximum length: 63
certificate-verification Enable/disable identity verification of FortiAnalyzer by use of certificate.
enable: Enable identity verification of FortiAnalyzer by use of certificate.
disable: Disable identity verification of FortiAnalyzer by use of certificate.
option -
serial <name> Serial numbers of the FortiAnalyzer.
Serial Number.
string Maximum length: 79
access-config Enable/disable FortiAnalyzer access to configuration and data.
enable: Enable FortiAnalyzer access to configuration and data.
disable: Disable FortiAnalyzer access to configuration and data.
option -
hmac-algorithm FortiAnalyzer IPsec tunnel HMAC algorithm.
sha256: Use SHA256 as HMAC algorithm.
sha1: Step down to SHA1 as the HMAC algorithm.
option -
enc-algorithm Configure the level of SSL protection for secure communication with FortiAnalyzer.
high-medium: Encrypt logs using high and medium encryption algorithms.
high: Encrypt logs using high encryption algorithms.
low: Encrypt logs using all encryption algorithms.
option -
ssl-min-proto-version Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
default: Follow system global setting.
SSLv3: SSLv3.
TLSv1: TLSv1.
TLSv1-1: TLSv1.1.
TLSv1-2: TLSv1.2.
option -
conn-timeout FortiAnalyzer connection time-out in seconds (for status and log buffer). integer Minimum value: 1 Maximum value: 3600
monitor-keepalive-period Time between OFTP keepalives in seconds (for status and log buffer). integer Minimum value: 1 Maximum value: 120
monitor-failure-retry-period Time between FortiAnalyzer connection retries in seconds (for status and log buffer). integer Minimum value: 1 Maximum value: 86400
mgmt-name Hidden management name of FortiAnalyzer. string Maximum length: 35
certificate Certificate used to communicate with FortiAnalyzer. string Maximum length: 35
source-ip Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. string Maximum length: 63
__change_ip Hidden attribute. integer Minimum value: 0 Maximum value: 255
upload-option Enable/disable logging to hard disk and then uploading to FortiAnalyzer.
store-and-upload: Log to hard disk and then upload to FortiAnalyzer.
realtime: Log directly to FortiAnalyzer in real time.
1-minute: Log directly to FortiAnalyzer at most every 1 minute.
5-minute: Log directly to FortiAnalyzer at most every 5 minutes.
option -
upload-interval Frequency to upload log files to FortiAnalyzer.
daily: Upload log files to FortiAnalyzer once a day.
weekly: Upload log files to FortiAnalyzer once a week.
monthly: Upload log files to FortiAnalyzer once a month.
option -
upload-day Day of week (month) to upload logs. user Not Specified
upload-time Time to upload logs (hh:mm). user Not Specified
reliable Enable/disable reliable logging to FortiAnalyzer.
enable: Enable reliable logging to FortiAnalyzer.
disable: Disable reliable logging to FortiAnalyzer.
option -

log fortianalyzer2 override-setting

Override FortiAnalyzer settings.

  config log fortianalyzer2 override-setting
      Description: Override FortiAnalyzer settings.
      set faz-type {integer}
      set override [enable|disable]
      set use-management-vdom [enable|disable]
      set status [enable|disable]
      set ips-archive [enable|disable]
      set server {string}
      set certificate-verification [enable|disable]
      set serial <name1>, <name2>, ...
      set access-config [enable|disable]
      set hmac-algorithm [sha256|sha1]
      set enc-algorithm [high-medium|high|...]
      set ssl-min-proto-version [default|SSLv3|...]
      set conn-timeout {integer}
      set monitor-keepalive-period {integer}
      set monitor-failure-retry-period {integer}
      set mgmt-name {string}
      set certificate {string}
      set source-ip {string}
      set __change_ip {integer}
      set upload-option [store-and-upload|realtime|...]
      set upload-interval [daily|weekly|...]
      set upload-day {user}
      set upload-time {user}
      set reliable [enable|disable]
  end

config log fortianalyzer2 override-setting

Parameter Name Description Type Size
faz-type Hidden setting index of FortiAnalyzer. integer Minimum value: 0 Maximum value: 4294967295
override Enable/disable overriding FortiAnalyzer settings or use global settings.
enable: Override FortiAnalyzer.
disable: Do not override FortiAnalyzer.
option -
use-management-vdom Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
enable: Enable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
disable: Disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer.
option -
status Enable/disable logging to FortiAnalyzer.
enable: Enable logging to FortiAnalyzer.
disable: Disable logging to FortiAnalyzer.
option -
ips-archive Enable/disable IPS packet archive logging.
enable: Enable IPS packet archive logging.
disable: Disable IPS packet archive logging.
option -
server The remote FortiAnalyzer. string Maximum length: 63
certificate-verification Enable/disable identity verification of FortiAnalyzer by use of certificate.
enable: Enable identity verification of FortiAnalyzer by use of certificate.
disable: Disable identity verification of FortiAnalyzer by use of certificate.
option -
serial <name> Serial numbers of the FortiAnalyzer.
Serial Number.
string Maximum length: 79
access-config Enable/disable FortiAnalyzer access to configuration and data.
enable: Enable FortiAnalyzer access to configuration and data.
disable: Disable FortiAnalyzer access to configuration and data.
option -
hmac-algorithm FortiAnalyzer IPsec tunnel HMAC algorithm.
sha256: Use SHA256 as HMAC algorithm.
sha1: Step down to SHA1 as the HMAC algorithm.
option -
enc-algorithm Configure the level of SSL protection for secure communication with FortiAnalyzer.
high-medium: Encrypt logs using high and medium encryption algorithms.
high: Encrypt logs using high encryption algorithms.
low: Encrypt logs using all encryption algorithms.
option -
ssl-min-proto-version Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
default: Follow system global setting.
SSLv3: SSLv3.
TLSv1: TLSv1.
TLSv1-1: TLSv1.1.
TLSv1-2: TLSv1.2.
option -
conn-timeout FortiAnalyzer connection time-out in seconds (for status and log buffer). integer Minimum value: 1 Maximum value: 3600
monitor-keepalive-period Time between OFTP keepalives in seconds (for status and log buffer). integer Minimum value: 1 Maximum value: 120
monitor-failure-retry-period Time between FortiAnalyzer connection retries in seconds (for status and log buffer). integer Minimum value: 1 Maximum value: 86400
mgmt-name Hidden management name of FortiAnalyzer. string Maximum length: 35
certificate Certificate used to communicate with FortiAnalyzer. string Maximum length: 35
source-ip Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. string Maximum length: 63
__change_ip Hidden attribute. integer Minimum value: 0 Maximum value: 255
upload-option Enable/disable logging to hard disk and then uploading to FortiAnalyzer.
store-and-upload: Log to hard disk and then upload to FortiAnalyzer.
realtime: Log directly to FortiAnalyzer in real time.
1-minute: Log directly to FortiAnalyzer at most every 1 minute.
5-minute: Log directly to FortiAnalyzer at most every 5 minutes.
option -
upload-interval Frequency to upload log files to FortiAnalyzer.
daily: Upload log files to FortiAnalyzer once a day.
weekly: Upload log files to FortiAnalyzer once a week.
monthly: Upload log files to FortiAnalyzer once a month.
option -
upload-day Day of week (month) to upload logs. user Not Specified
upload-time Time to upload logs (hh:mm). user Not Specified
reliable Enable/disable reliable logging to FortiAnalyzer.
enable: Enable reliable logging to FortiAnalyzer.
disable: Disable reliable logging to FortiAnalyzer.
option -