Information
Synchronize log messages with an external log server to have a backup of log messages for analysis if the FortiGate unit is compromised.
Solution
Use this command to enable external logging via fortianalyzer3.
config log fortianalyzer3 setting
set status enable
set csv {enable | disable}
set facility {alert | audit | auth | authpriv | clock | cron |
daemon | ftp | kernel | local0 | local1 | local2 | local3 |
local4 | local5 | local6 | local7 | lpr | mail | news | ntp |
syslog | user | uucp}
set port <port_integer>
set reliable {enable | disable}
set server <address_ipv4 | FQDN>
set source-ip <address_ipv4>
end