Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Celio_di_Cavalcanti
New Contributor

Configure FortiAnalyzer via FQDN

Allow in FortiGate to also configure FortiAnalyzer via FQDN. This way we can make high availability via DNS or reverse proxy for example.

set server FQDN or IP Address

Regards,

Celio di Cavalcanti
1 REPLY 1
Alexis_G
Contributor II

 

 

 

Hi

I suppose that this is not your case. I you where able to (for examlple) to load balance logs between to FAZ then you would come to a point that some of logs would be in 1st FAZ and the rest in 2nd FAZ where from forensics point of view is not good idea.

 

a. If you have 2 Fortianalyzer Devices, you can configure Fortigate to push on both devices.

except from these

 

b. Fortianalyzer has a function of the first Fortianalyzer to be in Analyzer Mode and another on Collector mode . That means that Analyzer pushes to Collector.

 

c. Another option is that if your FAZ is a VM machine you can have a second instance in suspend mode with the same IP in DR site (via Layer 2 or NAT communication).

 

 Follows FAZ modes comparison/capabilities

 https://www.fortinetguru.com/2016/03/feature-comparison-between-analyzer-and-collector-mode-fortiana...

--------------------------------------------

If all else fails, use the force !

-------------------------------------------- If all else fails, use the force !
Labels
Top Kudoed Authors