Information
Device logs should be sent to a centralized device for log collection, retention, and reporting. This could be a SIEM. syslog device, FortiAnalyzer, FortiManager, etc.
Rationale:
Centralized logging allows for more reliable log retention and more enriched log data for review and reporting.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Configure a remote server for logs to be sent to.
Access the FortiGate administrative web access page and to to Log & Report > Log Settings and under 'Remote Logging and Archiving' configure a remote server to send logs to.