Configure the FortiAnalyzer unit
FortiAnalyzer Version 3.0 MR3 Administration Guide
05-30003-0082-20060925
Log Aggregation
Log aggregation is a method of collating log data from remote FortiAnalyzer units
to a central FortiAnalyzer unit.
For example, a company may have a headquarters and a number of branch
offices. Each branch office has a FortiGate unit and a FortiAnalyzer-100A/100B to
collect local log information. The headquarters has a FortiAnalyzer-2000 as the
central log aggregator.
You can also use the FortiAnalyzer unit to aggregate logs for third-party network
devices, servers, or workstations that support syslog log messaging.

Reuse Settings from Standard Logs
Select to use configured options for device log settings. See

Log file should not exceed
The maximum size of the current log file that the FortiAnalyzer unit saves to the disk. When the log file reaches the specified maximum size, the FortiAnalyzer unit saves the current log file and starts a new active log file. When a log file reaches its maximum size, the FortiAnalyzer unit saves the log file with an incremental number, and starts a new log file with the same name.

Log file should be rolled
Set how often the FortiAnalyzer unit saves the current log file and starts a new active log file. Select this option if you want to start new log files even if the maximum log file size has not been reached. For example, you want to roll a daily log on a FortiAnalyzer unit that does not see a lot of activity.

Log to Host
Select to send FortiAnalyzer log messages to a Syslog server.

IP
Enter the IP address of the Syslog server.

Port
Enter the Syslog port. The default port is 514.

Log Level
Select the severity level for the log messages recorded to the Syslog server. The FortiAnalyzer unit logs all levels of severity down to, but not lower than, the level you select. For example, if you want to record emergency, critical, and error messages, select Error.

CSV format
Enable CSV format to record log messages in comma-separated value (CSV) formatted files. Log message fields are separated by commas.

Event Log
Select to configure the events the FortiAnalyzer unit records to the log.

Automatically Delete
Select the age unit for the specific log or report files. Select from hours, weeks, days or months, and enter the value for the age unit.
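
The Log Level rule under Log to Host can be checked on the receiving Syslog server. The following is an added example, not taken from the guide or from Fortinet: it assumes the messages carry a standard syslog `<PRI>` header (facility * 8 + severity) and uses the standard syslog severity names; the host name `faz-hq` and the sample lines are constructed.

```python
import re
from collections import Counter

# Standard syslog severity names by numeric code (0 is the most severe).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")

def parse_severity(line):
    """Return the severity code (0-7) from a line's <PRI> header, or None."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # highest valid PRI: facility 23 * 8 + severity 7
        return None
    return pri % 8

def audit(lines, selected_level):
    """Compare received lines with the Log Level selected on the sender.

    Returns (counts, violations, unparsed): message counts per severity name,
    lines less severe than the selected level, and lines without a valid PRI.
    """
    threshold = SEVERITIES.index(selected_level.lower())
    counts, violations, unparsed = Counter(), [], []
    for line in lines:
        sev = parse_severity(line)
        if sev is None:
            unparsed.append(line)
            continue
        counts[SEVERITIES[sev]] += 1
        if sev > threshold:  # larger code = lower severity than selected
            violations.append(line)
    return counts, violations, unparsed

# Constructed sample lines (not real FortiAnalyzer output), facility local7 (23).
SAMPLE = [
    "<184>Sep 25 10:00:01 faz-hq disk failure",     # emergency
    "<186>Sep 25 10:00:02 faz-hq raid degraded",    # critical
    "<187>Sep 25 10:00:03 faz-hq upload failed",    # error
    "<190>Sep 25 10:00:04 faz-hq admin logged in",  # informational
    "Sep 25 10:00:05 faz-hq line without PRI",
    "<999>Sep 25 10:00:06 faz-hq invalid PRI",
]

if __name__ == "__main__":
    counts, violations, unparsed = audit(SAMPLE, "Error")
    print(dict(counts), violations, unparsed, sep="\n")
```

A non-empty violations list means the server is receiving messages below the selected level, which points to a different Log Level setting or a second sender using the same source.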