AnsweredHot!Forwarding all logs to a FAZ that is unavailable

Author
adeboer
Bronze Member
  • Total Posts : 38
  • Scores: 2
  • Reward points: 0
  • Joined: 2015/01/13 14:03:36
  • Status: offline
2020/01/17 10:33:58 (permalink)
0

Forwarding all logs to a FAZ that is unavailable

If I have disk logging disabled and I'm forwarding all logs to a FAZ that is unavailable, what is the negative effect on a FortiGate that has 100s or 1000s of logs building up in the queue? Will this potentially cause memory issues?
 
Thanks!
#1
brazz_FTNT
Gold Member
  • Total Posts : 101
  • Scores: 26
  • Reward points: 0
  • Joined: 2018/02/20 15:09:34
  • Status: offline
Re: Forwarding all logs to a FAZ that is unavailable 2020/01/17 10:59:41 (permalink) ☼ Best Answerby adeboer 2020/01/17 11:09:38
0
Hello,
 
FGT has some limited buffer size to queue the logs;however, eventually, the older logs will be dropped. 
Thanks
 
 
#2
adeboer
Bronze Member
  • Total Posts : 38
  • Scores: 2
  • Reward points: 0
  • Joined: 2015/01/13 14:03:36
  • Status: offline
Re: Forwarding all logs to a FAZ that is unavailable 2020/01/17 11:10:15 (permalink)
0
Appreciate the reply, thanks!
#3
emnoc
Expert Member
  • Total Posts : 5769
  • Scores: 375
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Location: AUSTIN TX AREA
  • Status: online
Re: Forwarding all logs to a FAZ that is unavailable 2020/01/17 11:41:59 (permalink)
0
This is why it's critical to have two log targets. If your using log memory you can controlling the setting but typically by default it's to overwrite. Don't worry about the fortigate failing due to lost connection or FAZ not available.
 
Ken Felix

PCNSE 
NSE 
StrongSwan  
#4
Jump to:
© 2020 APG vNext Commercial Version 5.5