Re: Fortianalyzer 5.6
I have managed a temporary work-around that enables me to view my v5.6 logs and carry out analytics without losing the logs on my production v5.4 FAZ.
I have spoken to my SE, who has been able to supply me with access to the FAZ v5.6 beta; I built a fresh vm from the beta code. When configured, I have then gone to the production FAZ, and configured Log Forwarding with a device filter configured to only forward the logs from the FGT running v5.6.
Once you have configured forwarding from the "donor" FAZ, you just need to go and accept the device on the "target" FAZ.
So far so good - the events & logs are all coming through as expected. This will do for now, until release of v5.6 GA.
The sometimes boffin, who' s always coughin' ...
FGT 300D x2