Description
In multi-tenant environments, certain tenants may require logs to be sent to their own FortiAnalyzer/FortiManager.
However, when attempting to configure logging to FortiAnalyzer/FortiManager for that tenant's VDOM, the check-box is greyed out.
Go to VDOM > Log & Report > Log Config > Log Settings > Send Logs to FortiAnalyzer/FortiManager.
Solution
The first step is to enable the FortiAnalyzer override-setting in that VDOM.
# config vdom
edit vdom-A
config log fortianalyzer override-setting
set override enable
end
Afterwards, refresh the browser and configure the FortiAnalyzer/FortiManager settings for that VDOM.
Or configure via CLI:
# config vdom
edit vdom-A
config log fortianalyzer override-setting
set status enable
set server 192.168.100.100
end
Starting FortiOS 6.2.0 a new CLI command has been introduced :
# config vdom
edit vdom-A
config log setting
set faz-override enable
end
In order to define FortiAnalyzer override-setting, the above config should be enabled first, under the relevant VDOM.
