Helpful ReplyHot!Fortigate stops logging after Fortianalyzer v6.2.1 upgrade

Author
Frosty
Gold Member
  • Total Posts : 197
  • Scores: 13
  • Reward points: 0
  • Joined: 2010/11/03 15:53:40
  • Status: offline
2019/08/01 21:38:34 (permalink)
5 (1)

Fortigate stops logging after Fortianalyzer v6.2.1 upgrade

Just posting this in case it helps someone else ...
 
I upgraded our FAZ-VM from v5.6 to v6.0 and then v6.2.1 ... and found that logs were no longer being received ... they were queueing up on our Fortigate and the "test connectivity" on the FGT was failing.
 
After some mild panic and troubleshooting, then opening a ticket with Fortinet, I discovered that you MUST have encryption enabled on the FGT in the Logging configuration.  As soon as this was done, the problem was resolved.
 
I had read the Release Notes, however the Special Notices wording was as follows:
  All OFTP connections must be encrypted for FortiAnalyzer 6.2.0 (or higher)
  Prior to upgrading to FortiAnalyzer 6.2, make sure that all FortiGate devices are configured to use encryption when   communicating with FortiAnalyzer. Starting with FortiAnalyzer 6.2.0, all OFTP communications must be encrypted.
 
It was not at all clear that OFTP meant Logging.  Not to me anyway.
 
Hope this helps someone else ...
#1
Dragnipur
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/26 07:52:15
  • Status: offline
Re: Fortigate stops logging after Fortianalyzer v6.2.1 upgrade 2019/09/26 07:53:18 (permalink)
0
you saved my day...
#2
miraching
New Member
  • Total Posts : 2
  • Scores: 2
  • Reward points: 0
  • Joined: 2021/04/20 21:22:35
  • Status: offline
Re: Fortigate stops logging after Fortianalyzer v6.2.1 upgrade 2021/04/20 21:28:27 (permalink) ☄ Helpfulby StingRay 2021/06/10 16:08:58
5 (1)
For VMs (FAZ & FG) do this
 
@ FAZ
config system global
set log-forward-cache-size 4
set oftp-ssl-protocol sslv3
end

 
@ FG
config log fortianalyzer setting
set serial "FAZ-VM0000000001"
set ssl-min-proto-version SSLv3
end

 
wait for a min or two then issue
execute log fortianalyzer test-connectivity

post edited by miraching - 2021/04/20 21:31:46
#3
StingRay
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/06/10 16:08:03
  • Status: offline
Re: Fortigate stops logging after Fortianalyzer v6.2.1 upgrade 2021/06/10 16:09:50 (permalink)
0
Thank you miraching it worked for me and I only added one FAZ line you specified:
set oftp-ssl-protocol sslv3

#4
Jump to:
© 2021 APG vNext Commercial Version 5.5