Description
This article describes the standard procedure to format a FortiGate Hard Disk, which is used for logging purposes.
If the procedure fails, refer to this article.
Scope
FortiGate (all versions).
Solution
Note 1: If necessary, consider performing a backup of logs before formatting (see details below).
Note 2: In an HA environment, the command will be applied only to the unit the command was run on. That unit alone will reboot.
The action will not be synchronized with the other units in the cluster.
The following command will start the disk formatting upon selecting 'y':
exec formatlogdisk
Log disk is /dev/sda1.
Formatting this storage will erase all data on it, including
logs, quarantine files;
certificate revocation lists (CRLs);
and require the unit to reboot.
Do you want to continue? (y/n)
Log backup options (before formatting):
In FortiOS 7.0+:
First select which logs to back up (from disk):
exec log filter device 1
(0 = memory, 1 = disk, 2 = FortiAnalyzer, 3 = FortiAnalyzer Cloud, 4 = FortiCloud).
exec log backup ftp <file name > <ip>[:ftp port]<username> <password>
exec log backup local <file path>
exec log backup tftp <file name > <ip>
In FortiOS 6.4 :
execute log disk local <file path>
execute log disk ftp <file name > <ip:port> <username> <password>
execute log disk tftp <file name > <ip>
FortiOS v5.0 to v6.2 adds support for performing a backup to an external disk connected to the FortiGate USB port:
execute log backup <file path>
In v4.0, before formatting the disk, the existing log file(s) can be backed up by running either one of the following two commands:
execute backup disk alllogs ftp [or tftp] <ip>
execute backup disk log ftp [or tftp] <ip> <log_type> (*)
For example:
execute backup disk log tftp 192.168.1.1 traffic
(*) To display all log file types in v4.0MR1, enter a ? at the end of the command.
Related articles
