This article describes why logs may not be visible on FortiGateCloud after deleting and adding a new service-account-id in the config system fortiguard settings.
Scope
FortiGate, FortiGateCloud.
Solution
The following command is used to clear the service-account-id on the FortiGate:
config system fortiguard unset service-account-id end
It may result in other automatic internal changes that cause logs to cease being visible on FortiGateCloud:
config log fortiguard setting set status disable end
When applying the following to change a FortiGateCloud user from a previous account to a newer account, an additional step must be taken (explained after the command below):
execute fortiguard-log login <email> <password> <domain>
Enable the log fortiguard setting too:
config log fortiguard setting set status enable end
Note: The commands ‘execute fortiguard-log login’ and ‘unset service-account-id’ are hidden commands and have to be manually typed in. The auto-complete feature does not work for them.