Fortinet FortiAnalyzer 3.0 MR7 User Manual
Page 59
System
Config
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
59
For example, a company may have a headquarters and a number of branch
offices. Each branch office has a FortiGate unit and a FortiAnalyzer-100A/100B to
collect local log information. Those branch office FortiAnalyzer units are
configured as log aggregation clients. The headquarters has a
FortiAnalyzer-2000/2000A which is configured as a log aggregator. The log
aggregator collects logs from each of the branch office log aggregation clients,
enabling headquarters to run reports that reflect all offices.
Figure 31: Example log aggregation topology
All FortiAnalyzer models can be configured as a log aggregation client, but log
aggregation server support varies by FortiAnalyzer model, due to storage and
resource requirements.
Note: For more information about log aggregation port numbers, see the Knowledge
Center articl
FortiAnalyzer Model
Aggregation Client
Aggregation Server
FortiAnalyzer-100A/100B
Yes
No
FortiAnalyzer-400
Yes
No
FortiAnalyzer-800/800B
Yes
Yes
FortiAnalyzer-2000/2000A
Yes
Yes
FortiAnalyzer-4000/4000A
Yes
Yes