config log fortianalyzer2 override-setting
Override FortiAnalyzer settings.
config log fortianalyzer2 override-setting
Description: Override FortiAnalyzer settings.
set use-management-vdom [enable|disable]
set status [enable|disable]
set ips-archive [enable|disable]
set server {string}
set certificate-verification [enable|disable]
set serial <name1>, <name2>, ...
set preshared-key {string}
set access-config [enable|disable]
set hmac-algorithm [sha256|sha1]
set enc-algorithm [high-medium|high|...]
set ssl-min-proto-version [default|SSLv3|...]
set conn-timeout {integer}
set monitor-keepalive-period {integer}
set monitor-failure-retry-period {integer}
set certificate {string}
set source-ip {string}
set upload-option [store-and-upload|realtime|...]
set upload-interval [daily|weekly|...]
set upload-day {user}
set upload-time {user}
set reliable [enable|disable]
set priority [default|low]
set max-log-rate {integer}
set interface-select-method [auto|sdwan|...]
set interface {string}
end
config log fortianalyzer2 override-setting
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
use-management-vdom |
Enable/disable use of management VDOM IP address as source IP for logs sent to FortiAnalyzer. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
status |
Enable/disable logging to FortiAnalyzer. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
ips-archive |
Enable/disable IPS packet archive logging. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
server |
The remote FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||
certificate-verification |
Enable/disable identity verification of FortiAnalyzer by use of certificate. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
serial |
Serial numbers of the FortiAnalyzer. Serial Number. |
string |
Maximum length: 79 |
|
||||||||||||
preshared-key |
Preshared-key used for auto-authorization on FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||
access-config |
Enable/disable FortiAnalyzer access to configuration and data. |
option |
- |
enable |
||||||||||||
|
|
|||||||||||||||
hmac-algorithm |
FortiAnalyzer IPsec tunnel HMAC algorithm. |
option |
- |
sha256 |
||||||||||||
|
|
|||||||||||||||
enc-algorithm |
Configure the level of SSL protection for secure communication with FortiAnalyzer. |
option |
- |
high |
||||||||||||
|
|
|||||||||||||||
ssl-min-proto-version |
Minimum supported protocol version for SSL/TLS connections . |
option |
- |
default |
||||||||||||
|
|
|||||||||||||||
conn-timeout |
FortiAnalyzer connection time-out in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 3600 |
10 |
||||||||||||
monitor-keepalive-period |
Time between OFTP keepalives in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 120 |
5 |
||||||||||||
monitor-failure-retry-period |
Time between FortiAnalyzer connection retries in seconds (for status and log buffer). |
integer |
Minimum value: 1 Maximum value: 86400 |
5 |
||||||||||||
certificate |
Certificate used to communicate with FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||
source-ip |
Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. |
string |
Not Specified |
|
||||||||||||
upload-option |
Enable/disable logging to hard disk and then uploading to FortiAnalyzer. |
option |
- |
5-minute |
||||||||||||
|
|
|||||||||||||||
upload-interval |
Frequency to upload log files to FortiAnalyzer. |
option |
- |
daily |
||||||||||||
|
|
|||||||||||||||
upload-day |
Day of week (month) to upload logs. |
user |
Not Specified |
|
||||||||||||
upload-time |
Time to upload logs (hh:mm). |
user |
Not Specified |
|
||||||||||||
reliable |
Enable/disable reliable logging to FortiAnalyzer. |
option |
- |
disable |
||||||||||||
|
|
|||||||||||||||
priority |
Set log transmission priority. |
option |
- |
default |
||||||||||||
|
|
|||||||||||||||
max-log-rate |
FortiAnalyzer maximum log rate in MBps (0 = unlimited). |
integer |
Minimum value: 0 Maximum value: 100000 |
0 |
||||||||||||
interface-select-method |
Specify how to select outgoing interface to reach server. |
option |
- |
auto |
||||||||||||
|
|
|||||||||||||||
interface |
Specify outgoing interface to reach server. |
string |
Not Specified |
|