B and D
When operating in analyzer mode, the device acts as a central log aggregator for one or more log collectors,
such as a FortiAnalyzer device operating in collector mode, or any other supported device sending logs.
Analyzer is the default operating mode.
Introduction and Initial Configuration
FortiAnalyzer 7.4 Administrator Study Guide 45
A. When in collector mode, FortiAnalyzer offloads the log receiving task to the analyzer. [WRONG]
"When operating in collector, the device collects logs from multiple devices and forwards them to FortiAnalyzer in analyzer mode."
B. When in analyzer mode, FortiAnalyzer supports event management and reporting features. [CORRECT]
FortiAnalyzer in collector mode doesn't support event management and reporting.
C. For the collector, you should allocate most of the disk space to analytics logs. [WRONG]
The function of the collector is to forward logs to the analyzer.
D. Analyzer mode is the default operating mode. [CORRECT]
"Analyzer is the default mode."
Reference: FortiAnalyzer 7.4 Analyst, page 45 and 46
A. incorrect, collector mode is what offloads the log receiving task
B. Correct, analyzer supports this
C. Incorrect, Collector has no use for analytic logs. It is recommended
that 70% be reserved for archive space.
D. Correct Analyzer is default operating mode.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
juniou82
Highly Voted 6 months, 1 week agoBeatledrew
Highly Voted 6 months, 1 week agoherlock_sholmes_2810
Most Recent 4 weeks, 1 day agoToh85
3 months, 3 weeks agoSlikings
5 months agomigdadcom
5 months, 3 weeks agoNoreki
6 months, 1 week ago