Fortigate stops logging after Fortianalyzer v6.2.1 upgrade
Just posting this in case it helps someone else ...
I upgraded our FAZ-VM from v5.6 to v6.0 and then v6.2.1 ... and found that logs were no longer being received ... they were queueing up on our Fortigate and the "test connectivity" on the FGT was failing.
After some mild panic and troubleshooting, then opening a ticket with Fortinet, I discovered that you MUST have encryption enabled on the FGT in the Logging configuration. As soon as this was done, the problem was resolved.
I had read the Release Notes, however the Special Notices wording was as follows:
All OFTP connections must be encrypted for FortiAnalyzer 6.2.0 (or higher)
Prior to upgrading to FortiAnalyzer 6.2, make sure that all FortiGate devices are configured to use encryption when communicating with FortiAnalyzer. Starting with FortiAnalyzer 6.2.0, all OFTP communications must be encrypted.
It was not at all clear that OFTP meant Logging. Not to me anyway.
Hope this helps someone else ...