Sold by: Fortinet Inc.
Deployed on AWS
Fortinet FortiAnalyzer offers enterprise class features to identify threats and provides flexibility to evolve along with your ever-changing network. FortiAnalyzer generates highly customized reports for your business while aggregating logs in a hierarchical, tiered logging topology.
4.3
Overview
Fortinet FortiAnalyzer securely aggregates log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of easily-customized reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data, mining the data to determine your security stance and assure regulatory compliance.
Max limit of manageable resources: Managed devices: 500 Storage capacity: 24TB Daily log size: 100GB of logs per day
NOTE: A new FortiAnalyzer listing enables seamless scaling up to 10,000 FortiGates, adjusting automatically based on vCPU count. Visit: https://aws.amazon.com/marketplace/pp/prodview-wy43e3tw4wm3e?sr=0-7&ref_=beagle&applicationId=AWSMPContessa
Highlights
- Pre-defined and customized charts help monitor and maintain identify attack patterns, acceptable use policies, and demonstrate policy compliance
- Advanced features such as event correlation, forensic analysis, and vulnerability assessment provide essential tools for in-depth protection of complex networks
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 7.4.10
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
m5.12xlarge Recommended | $1.51 |
m7a.16xlarge | $1.51 |
m6a.16xlarge | $1.51 |
m6i.16xlarge | $1.51 |
t2.2xlarge | $1.51 |
Vendor refund policy
You may terminate the instance at anytime to stop incurring charges.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
https://docs.fortinet.com/document/fortianalyzer-public-cloud/7.4.0/aws-administration-guide/
Please ensure the connectivity to FortiCare (https://directregistration.fortinet.com:443 ) by checking all related setup on security groups, ACLs, IGW, route tables, public IP address...etc.
After deploying the instance, click on Manage in AWS Console to see the running instance and public DNS address to continue the configuration of the FortiAnalyzer. Connect to the secured Web UI via the public DNS address: https://<public DNS address>. For any CLI configuration/settings, SSH is required to log into the CLI. Default login credentials are with a username of admin and the AWS Instance ID value as the password.
Resources
Support
Vendor support
Fortinet FortiCare support offerings provide global support for all Fortinet products and services. Please contact Customer Support with the following information: 1. The serial number of your FortiGate instance (found on the GUI dashboard) 2. The email ID of your Fortinet account (create one in https://support.fortinet.com/Credentials/Account/AccountCreation.aspx if you do not have).
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Rapid7
By IBM Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Centralized Log Aggregation
Securely aggregates log data from Fortinet devices and other syslog-compatible devices in a hierarchical, tiered logging topology
Customizable Reporting
Generates highly customized reports with filtering and review capabilities for traffic, event, virus, attack, Web content, and email data
Event Correlation and Forensic Analysis
Provides advanced event correlation, forensic analysis, and vulnerability assessment capabilities for in-depth network protection
Threat Pattern Identification
Pre-defined and customized charts monitor and identify attack patterns, acceptable use policies, and policy compliance
High-Capacity Log Management
Supports management of up to 500 devices with 24TB storage capacity and processing capability of 100GB of logs per day
Threat Detection Engine
Library of 900+ out-of-the-box detections with user and attacker behavior analytics backed by community threat intelligence
Data Ingestion and Integration
Ingests CloudTrail, GuardDuty, EC2 network traffic, raw logs via SQS from multiple AWS accounts, on-premises networks, remote endpoints, and SaaS solutions
Investigation and Response Capabilities
Visual investigation timeline with detailed log timelines, automated response workflows, and instant actions such as asset quarantining
Deception Technology
Honeypots, honey credentials, and honey files for layered defense mechanisms
Compliance and Monitoring
File Integrity Monitoring (FIM) with support for PCI, HIPAA, and GDPR compliance requirements, plus detection of new AWS regions, services, and EC2 instance types
Security Information and Event Management
Real-time monitoring and visibility for threat detection including ransomware, insider threats, and cloud attacks with security analytics for rapid investigation and prioritization of critical threats.
Incident Response Automation and Orchestration
Automation and orchestration of incident response workflows with consistent, optimized, and measurable process execution.
Enterprise-Grade AI and Automation
Embedded artificial intelligence and automation capabilities designed to increase analyst productivity and accelerate incident lifecycle management.
Multi-Source Data Correlation
Correlation of data across users, networks, and cloud-native services to identify threats including cloud misconfigurations, policy changes, and suspicious user activity with alert deduplication.
Hybrid and Cloud Environment Integration
Centralized visibility across hybrid cloud and on-premises environments with deep integrations to AWS security services including Security Hub, CloudTrail, GuardDuty, Network Firewall, WAF, Detective, CloudWatch, and VPC Flow Logs.
Standard contract
No
No
No
Customer reviews
Information Technology and Services
Outstanding Centralized Log Management with Full Visibility Across Fortinet Devices
Reviewed on May 04, 2026
Review provided by G2
What do you like best about the product?
The centralized log management is outstanding. Having full visibility across all of our Fortinet devices in one dashboard saves us a lot of time and makes it much easier to stay on top of everything.
What do you dislike about the product?
Storage requirements can grow quickly in large environments, but the performance and insights you get in return more than justify the extra space.
What problems is the product solving and how is that benefiting you?
FortiAnalyzer solved our visibility problem entirely. Having all logs centralized in one platform means we can detect and respond to threats in minutes instead of hours.
Jitendra Kumar P.
Robust Log Collection and Strong Reporting for Incidents and Events
Reviewed on Apr 06, 2026
Review provided by G2
What do you like best about the product?
Robust log collection for incidents and events, backed by strong reporting.
What do you dislike about the product?
The initial integration with FortiManager is fairly complex. For new users, it can be difficult to set up and understand.
What problems is the product solving and how is that benefiting you?
A solid choice for centralized log analysis, with robust reporting to match.
Telecommunications
FortiAnalyzer Delivers Centralized Visibility and Powerful Reporting
Reviewed on Mar 24, 2026
Review provided by G2
What do you like best about the product?
What I really appreciate about FortiAnalyzer is how it pulls everything together into one place. Instead of jumping between different tools or trying to piece logs together manually, it gives me centralized visibility across the entire Fortinet setup. That alone saves a lot of time and reduces the chance of missing something important.
Reporting is something which needs to be appreciated. We have multiple reporting templates which really help us in multiple queries .
IMPORTANT : Handler and connector features really helps us in Proactive monitoring where we intergrated with Webhook and alerts are triggered in through our teams which is one of the key features
Reporting is something which needs to be appreciated. We have multiple reporting templates which really help us in multiple queries .
IMPORTANT : Handler and connector features really helps us in Proactive monitoring where we intergrated with Webhook and alerts are triggered in through our teams which is one of the key features
What do you dislike about the product?
When dealing with Larger volume of logs , it takes more times and reporting few columns will be empty at times.
Inner joint queries are not working in FAZ report generation . In the past, we had to merge two reports with a common column ,I tried writing a sql query and it dint work . FAZ documentation need to be better.
Only who worked with Fortinet can manage FAZ
Inner joint queries are not working in FAZ report generation . In the past, we had to merge two reports with a common column ,I tried writing a sql query and it dint work . FAZ documentation need to be better.
Only who worked with Fortinet can manage FAZ
What problems is the product solving and how is that benefiting you?
Fortinet is now concentrating to make the reporting time less compared to larger time . Also the handler and connector features really helps us in Proactive monitoring which triggers alert and helps our engineers to action the alerts. Eg. VPN down , HA failover , BGP flap etc
Amarnath Jaiswal
Comprehensive log analysis has improved traffic monitoring and streamlined risk mitigation
Reviewed on Feb 17, 2026
Review provided by PeerSpot
What is our primary use case?
I am using Fortinet FortiAnalyzer along with the analyzer for traffic monitoring and event checking. It is effective for analyzing traffic purposes.
I use Fortinet FortiAnalyzer for event monitoring and traffic monitoring to generate different types of reports for internal, external, internet traffic, or local LAN traffic.
I am looking for FortiNAC . I requested it from the local Fortinet manager and Forti sales manager. I contacted and emailed them to provide FortiNAC solution for my organization.
What is most valuable?
Fortinet FortiAnalyzer is a very comprehensive analyzer providing detailed analyzing features and customizable reports. I can get customization and custom reports, and there are many functions available. It is very good for any organization.
Log management in Fortinet FortiAnalyzer is excellent, as it stores approximately two years of logs.
Using Fortinet FortiAnalyzer, I analyze vulnerability risks and threats and sort out problems accordingly. I then create policies and mitigate the risk based on my findings.
I have created many customizable reports in Fortinet FortiAnalyzer. I have customized the reports to schedule them and generate reports every day that are sent to my email.
I am not using any SIEMs, but Fortinet FortiAnalyzer is the best and looks like a SIEM . I did not integrate Fortinet FortiAnalyzer with any security information and event management solutions.
With Fortinet FortiAnalyzer, I have streamlined the process to mitigate risks and save time to get event information on any type of threats, risks, and unwanted traffic. Risk and time are saved, and it is valuable for any organization.
What needs improvement?
I think technical support should be better. Sometimes support from Fortinet does not help with creating policies or configuration issues and directly routes to the service integrator. A little more help from Fortinet support service would be appreciated.
Technical support should make some improvements.
What do I think about the stability of the solution?
I rate the stability of Fortinet FortiAnalyzer ten out of ten.
What do I think about the scalability of the solution?
I rate the scalability of Fortinet FortiAnalyzer nine.
Which solution did I use previously and why did I switch?
I did not compare Fortinet FortiAnalyzer with a product from any other vendor, and I did not consider any other options before working with Fortinet FortiAnalyzer.
How was the initial setup?
The initial setup for Fortinet FortiAnalyzer is very simple. I deployed this analyzer within a very short time, in under one hour, with the help of the knowledge base from the Fortinet website and Fortinet documentation. I deployed it myself without any third-party help.
What's my experience with pricing, setup cost, and licensing?
For pricing, I rate it a little high but nine.
What other advice do I have?
Fortinet updates the features and services in Fortinet FortiAnalyzer from time to time. From my point of view, everything is good. I believe I get the best results from the analyzer. I am only working with Fortinet FortiAnalyzer. I recommend it to other organizations to purchase Fortinet and Fortinet products. I also initiated purchasing the product for my OT network. I am providing this review with an overall rating of ten.
Arf Wu
Has provided valuable network insights while being straightforward to implement
Reviewed on Nov 03, 2025
Review provided by PeerSpot
What is our primary use case?
I am using Fortinet and Red Hat myself as a consultant. I am dealing with Fortinet products and can provide information about them. I am working with Fortinet products, including firewalls and other Fortinet products. I am working with Fortinet products such as Fortinet FortiAnalyzer and FortiManager. I use Fortinet FortiAnalyzer .
What is most valuable?
I find it easy to deploy Fortinet products, including the firewall, Fortinet FortiAnalyzer, and many other Fortinet products.
The interface of Fortinet FortiAnalyzer is intuitive enough. Fortinet provides training through many training documents and videos.
It is very important to integrate Fortinet products for my customers because it provides many network information for them.
What needs improvement?
I don't know what the main room for improvement is for Fortinet FortiAnalyzer, but perhaps I don't have much experience, so I cannot answer this question comprehensively.
For how long have I used the solution?
I have been working with Fortinet FortiAnalyzer for two years.
What do I think about the stability of the solution?
Fortinet FortiAnalyzer is very stable.
What do I think about the scalability of the solution?
I do not recommend Fortinet FortiAnalyzer for bigger companies because it is not scalable enough.
How are customer service and support?
I always ask Fortinet support about their technical support, and I think they are good.
I rate their technical support as seven out of ten. Sometimes they can answer the question immediately, but they could be more quick.
Which solution did I use previously and why did I switch?
Palo Alto also provides log management and has this product, but I have never used Palo Alto.
How was the initial setup?
I find it easy to deploy Fortinet products, including the firewall, Fortinet FortiAnalyzer, and many other Fortinet products.
What about the implementation team?
I usually help my customers with the implementation of Fortinet products, and they always use Fortinet products.
What was our ROI?
I think Fortinet FortiAnalyzer has fifty percent market share in my region.
What's my experience with pricing, setup cost, and licensing?
The pricing of Fortinet FortiAnalyzer is okay. For smaller companies, the pricing is acceptable.
Which other solutions did I evaluate?
Palo Alto also provides log management and has this product, but I have never used Palo Alto.
What other advice do I have?
I recommend Fortinet FortiAnalyzer for big companies. I rate this review an eight overall.