본문 바로가기

업무이야기/Security

FortiAnalyzer SQL database delete and rebuild

by 쫑콩아빠 2018. 5. 8.
728x90

Technical Note: FortiAnalyzer SQL database delete and rebuildProducts

FortiAnalyzer v5.0
 
FortiAnalyzer v5.2
 

Description

Occasionally an upgrade does not correctly update the SQL database and reporting will cease to function properly due to missing/misnamed columns and/or indexes.
 
“exec sql-local rebuild-db” is the first option, but if that does not resolve the issue then deleting and rebuilding of the database is the next step.

Solution

 

Remove and re-create the SQL db:
 
1) Change operation mode to collector
 
config system global
set log-mode collector
end
 
2) Disable SQL and remove the current database
 
config system sql
set status disable
end
 
execute sql-local remove-db
 
3) Re-enable SQL
 
config system sql
set status local
end
 
4) Change operation mode back to analyser
 
config system global
set log-mode analyzer
end
 
5) Rebuild database
 
exec sql-local rebuild-db
 
 
 
Notes:
 
(1) The rebuild-db command causes the unit to reboot and the rebuild starts when the unit comes back up.
 
(2) Use the command 'diag sql status rebuild-db' to show the status of the rebuild.
 
(3) The time required to rebuild the database depends on the amount of logs stored on the unit.
 
(4) Although this procedure does not remove any log files it is recommended to backup log files beforehand as a precaution.

 

728x90

'업무이야기 > Security' 카테고리의 다른 글

Fortigate Custom Application Control  (0) 2018.05.08
Fortigate SSLVPN Host Check  (0) 2018.05.08
Fortigate IP Macbindging  (0) 2018.05.08
Fortinet Open Ports Diagram  (0) 2018.05.08
FortiSandbox diagram  (0) 2018.05.08