SoraYazılım

FortiAnalyzer

Centralized log, reporting and SIEM-lite for the Security Fabric.

Quick answer

FortiAnalyzer is the central log collection, reporting and SIEM-lite platform for the Fortinet Security Fabric. It correlates logs coming from FortiGate, FortiClient, FortiMail and FortiAuthenticator and produces compliance reports.

FortiAnalyzer is the central hub for log storage and reporting in a Fortinet environment. A single FortiAnalyzer physical/virtual appliance can collect logs from hundreds of FortiGates and other Fortinet components.

The FortiSoC module adds playbook-based SOAR-lite capabilities to FortiAnalyzer — automatic flows from detection to response can be built. Combined with FortiSIEM you get a full SIEM/SOAR solution.

Ready-made compliance reports exist for PCI-DSS, ISO 27001, KVKK, HIPAA and similar frameworks.

Key features

What it offers

  • Fabric-wide centralized logging
  • FortiSoC playbook & SOAR-lite
  • Ready compliance reports (PCI, ISO)
  • Multi-tenant (ADOM) management
  • FortiSIEM integration
  • Automatic event correlation
  • Long-term log archiving
  • Real-time dashboard
Tech Summary

Important technical data

Form factor: Hardware appliance (200F → 3900E) or virtual machine (VM)
Cloud: FortiAnalyzer Cloud (SaaS)
Log capacity: 1 GB/day → 8 TB/day models
Retention: Multiple years (disk capacity dependent)
ADOM: Multi-tenant (MSP/multi-tenant)
Licensing: Per GB/day under FortiCare subscription

Use Cases

When would you choose this product?

Banking

PCI-DSS log retention

A bank keeps logs from 50 FortiGates on a FortiAnalyzer 1000F for 2 years; PCI-DSS audit reports are produced automatically.

MSP

Multi-customer management

Sora Yazılım uses FortiAnalyzer ADOMs to isolate dozens of customer logs; each customer accesses its own reports.

Manufacturing

Operational reports

A manufacturer sends monthly security reports to the CIO automatically from FortiAnalyzer.

Government

ISO 27001 audit readiness

A government organization used FortiAnalyzer log retention and reporting as evidence during ISO 27001 audits.

Who is it for?

Multi-FortiGate environments; organizations with compliance requirements.

Frequently Asked Questions


Is FortiAnalyzer required?
If you have a single FortiGate without compliance needs, on-device disk logging may suffice. For 2+ devices or compliance, FortiAnalyzer is recommended.
How does it differ from FortiSIEM?
FortiAnalyzer is a log and reporting platform optimized for Fortinet products. FortiSIEM is a full SIEM that correlates third-party sources (Cisco, Palo Alto, Microsoft). Large SOCs deploy both.
FortiAnalyzer Cloud vs on-prem?
On-prem: full control, logs stay local, hardware cost. Cloud: pay-as-you-go, fast deploy, logs in Fortinet cloud. For KVKK, on-prem or EU-region cloud is preferred.
How is log retention planned?
PCI-DSS: 1 year (3 months online + 9 months offline). KVKK: 1 year. ISO 27001: 1+ year. FortiAnalyzer disk capacity is sized by log volume.
What is ADOM (Administrative Domain)?
Multi-tenant structure; each customer/unit operates in its own isolated domain. Critical for MSPs — one customer's logs do not leak to another.
Which compliance standards are supported?
Templates exist for PCI-DSS, ISO 27001, NIST CSF, HIPAA, KVKK, GDPR and SOX. Reports can be exported automatically on a schedule as PDF/CSV and delivered by email.
Can it trigger real-time alarms?
Yes. FortiSoC playbooks can trigger email, SMS, ITSM tickets or webhooks when a log threshold or correlation event fires.
What does GB/day licensing mean?
Priced on the daily volume of analyzed logs. A typical mid-size organization generates 50–200 GB/day. Sora Yazılım first runs a 30-day pilot to measure real volume.
Can it run as a virtual machine?
Yes. FortiAnalyzer-VM runs on VMware, Hyper-V, KVM, AWS and Azure. Same software as the hardware appliance; more flexible deployment.
How are backups and disaster recovery handled?
FortiAnalyzer HA (high availability) runs two units active-passive; if one fails the other takes over. Log backups can be exported via SFTP/NFS.
Related Services

Services we deliver alongside this product

FortiAnalyzer licensing + deployment + support

Sora Yazılım handles licensing, deployment, training and ongoing management — all from a single team.