What are popular commands for troubleshooting FortiAnalyzer communication issues?

FortiAnalyzer needs to successfully receive logs via the network in order to process stuff. After all, it can't process the data it doesn't have right? 😄 As such, communication between data source devices (e.g. FortiGate, FortiAP, etc) and FAZ is critical. Here are some helpful commands for troubleshooting communication issues.

• execute ping - This performs a traditional ICMP request to see if FAZ can reach the remote Fortinet device.
• diagnose debug application oftpd 8 - This provides debug information to ensure that oftpd service (the file transfer daemon) is running properly.
• show log fortianalyzer setting - [FortiGate command] - This lets an admin check a local FortiGate to ensure it's configured to push logs to FortiAnalyzer.
• show log fortianalyzer filter - [FortiGate command] - This displays information on any logging filters that might be in place on the FortiGate device prior to sending to FortiAnalyzer.
• diagnose log test - [FortiGate command] this is a fun one. It generates test log events.

For more information, check out the following resources:

Logs generated while using the 'diagnose log test' command

the expected output while executing a log entry test using 'diagnose log test' command.ScopeFortiGateSolution The command 'diagnose log test' is utilized to create test log entries on the unit’s hard drive to a configured external logging server say Syslog server, FortiAnalzyer, etc.…

fortinetAshika17

CLI commands for troubleshooting | Examples

Fortinet docs logo

FortiGate to FortiAnalyzer connectivity

how to troubleshoot connectivity issues between FortiGate and FortiAnalyzer. This article additionally describes how the OFTPD protocol is used to create two communication streams between FortiGate and FortiAnalyzers. Scope OFTP uses TCP/514 for connectivity, health check, file transfer and log disp…

fortinetwogasawara