Problem
Logs retrieved from the FortiAnalyzer on the FortiGate display the wrong time
Solution
In my case the solution was to change the FortiGate timezone to GMT and then back to UTC+1 I think the problem has something to do with dst.
Details
If you should have the Problem that the time of the log entries displayed in the FortiGate Forward traffic Log isn’t correct (in my case the Logs are stored on my FortiAnalyzer) (in my case the logs had one hour difference) you may do the following:
- Check the time settings on the FortiGate and Fortianalyzer
- Follow the steps in the Fortinet kb article:
If that shouldn’t help you may continue with the following steps
- Verify that the FGT uses the system time is being used
show full-configuration sys global | grep gui-date-time-source
set gui-date-time-source system
- change the timezone to GMT and change it back
In my case the solution was to change the FortiGate timezone to GMT and then back to UTC+1 I think the problem has something to do with dst. And i would expect that this may be fixed in the future.
Versions: FOS 7.2.4 and FAZ 7.2.2
Screenshots
Changed the timezone to GMT apply and then change it back to UTC+1
And after the change the log entry is displayed with the correct D-Time
