FortiGate
lspk
Staff
Article Id 358935
Description This article describes new CLI commands to fetch information about the connectivity between FortiGate and FortiAnalyzer.
Scope FortiGate v7.2+.
Solution

The following commands return information about the status of the FortiGate-FortiAnalyzer connection.

To show global log settings (useful for checking FortiAnalyzer's IP, authorization state, status, filter, etc.):

Global:


diagnose test application fgtlogd 1

 

And for VDOM:

 

diagnose test application fgtlogd 2

vdom-admin=0
mgmt=root

fortilog:
faz: global , enabled
server=10.109.19.110, alt-server=, active-server=10.109.19.110, realtime=1, ssl=1, state=connected
server_log_status=Log is allowed.,
src=, mgmt_name=FGh_Log_root_10.109.19.110, reliable=0, sni_prefix_type=none,
required_entitlement=none, region=ca-west-1,
logsync_enabled:1, logsync_conn_id:65535, seq_no:0
disconnect_jiffies:0
status: ver=0, used_disk=0, total_disk=0, global=0, vfid=0 conn_verified=N
SNs: last sn update:2007 seconds ago.
Sn list:

queue: qlen=0.
filter: severity=6, sz_exclude_list=0
anomaly voip gtp forti-switch
free-style filters: sz_filters=0
subcategory:
traffic: local multicast sniffer ztna

 

Anomaly:


To dump statistics:

 

diagnose test application fgtlogd 4
Queues in all miglogds: cur:0 total-so-far:444
global log dev statistics:
faz=205, faz_cloud=0, fds_log=0 (number should be increasing in case of new logs)

 

To generate testing logs:


diagnose log test

 

And check if the number of logs is increasing.

 

If the issue is with a specific type of log, show detailed log statistics by running:


diagnose test application fgtlogd 3

info for vdom: root
faz
traffic: logs=8 len=4440, Sun=0 Mon=0 Tue=0 Wed=0 Thu=0 Fri=0 Sat=0 compressed=4568
event: logs=170 len=71975, Sun=0 Mon=0 Tue=0 Wed=166 Thu=0 Fri=0 Sat=0 compressed=74695
anomaly: logs=9 len=6174, Sun=0 Mon=0 Tue=0 Wed=9 Thu=0 Fri=0 Sat=0 compressed=6318
voip: logs=9 len=5112, Sun=0 Mon=0 Tue=0 Wed=9 Thu=0 Fri=0 Sat=0 compressed=5256
forti-switch: logs=9 len=3042, Sun=0 Mon=0 Tue=0 Wed=9 Thu=0 Fri=0 Sat=0 compressed=3186
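
The check described above (take the statistics, generate test logs, confirm the counters increase, then narrow down by log type) can be scripted over saved CLI output. This is an added example, not part of the original article or Fortinet tooling; the function names and the "after" snapshot values are constructed for illustration, and the parsing assumes the output format shown on this page.

```python
import re

# Constructed snapshots in the output format shown above. BEFORE reuses the
# article's sample values; the AFTER values are invented for illustration.
DEV_BEFORE = "global log dev statistics:\nfaz=205, faz_cloud=0, fds_log=0\n"
DEV_AFTER = "global log dev statistics:\nfaz=241, faz_cloud=0, fds_log=0\n"
TYPE_BEFORE = """info for vdom: root
faz
traffic: logs=8 len=4440, Sun=0 Mon=0 Tue=0 Wed=0 Thu=0 Fri=0 Sat=0 compressed=4568
event: logs=170 len=71975, Sun=0 Mon=0 Tue=0 Wed=166 Thu=0 Fri=0 Sat=0 compressed=74695
forti-switch: logs=9 len=3042, Sun=0 Mon=0 Tue=0 Wed=9 Thu=0 Fri=0 Sat=0 compressed=3186
"""
TYPE_AFTER = """info for vdom: root
faz
traffic: logs=8 len=4440, Sun=0 Mon=0 Tue=0 Wed=0 Thu=0 Fri=0 Sat=0 compressed=4568
event: logs=182 len=77031, Sun=0 Mon=0 Tue=0 Wed=178 Thu=0 Fri=0 Sat=0 compressed=79940
forti-switch: logs=10 len=3380, Sun=0 Mon=0 Tue=0 Wed=10 Thu=0 Fri=0 Sat=0 compressed=3540
"""


def parse_dev_stats(text):
    """'fgtlogd 4' output -> {'faz': 205, 'faz_cloud': 0, 'fds_log': 0}."""
    return {k: int(v) for k, v in re.findall(r"\b(faz|faz_cloud|fds_log)=(\d+)", text)}


def parse_type_stats(text):
    """'fgtlogd 3' output -> {(vdom, device, log_type): logs}."""
    stats, vdom, dev = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.match(r"info for vdom: (\S+)", line):
            vdom = m.group(1)
        elif m := re.match(r"([\w-]+): logs=(\d+)", line):
            stats[(vdom, dev, m.group(1))] = int(m.group(2))
        elif re.fullmatch(r"[\w-]+", line):
            dev = line  # bare word such as "faz" names the log device
    return stats


def not_increasing(before, after):
    """Counters that failed to grow between the two snapshots."""
    return sorted(k for k in before if after.get(k, 0) <= before[k])


if __name__ == "__main__":
    dev_b, dev_a = parse_dev_stats(DEV_BEFORE), parse_dev_stats(DEV_AFTER)
    print("faz delta:", dev_a["faz"] - dev_b["faz"])
    for key in not_increasing(parse_type_stats(TYPE_BEFORE), parse_type_stats(TYPE_AFTER)):
        print("no new logs:", key)
```
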

 

To show dropped logs due to the log rate limit for all devices:

 

diagnose test application fgtlogd 5
Number of logs skipped due to over max log rate
global:
root:

 

Related article:

Troubleshooting Tip: FortiGate to FortiAnalyzer connectivity