Viewing log messages, Viewing current log messages – Fortinet FortiAnalyzer 3.0 MR7 User Manual

FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908

Log

FortiAnalyzer units collect logs from network hosts such as FortiGate, FortiMail,
FortiClient, FortiManager, and Syslog devices. By using the Log menu, you can
view both device and FortiAnalyzer log files and messages, as well as content
archive summaries. The FortiAnalyzer unit can display device logs in real-time,
enabling you to view log messages as the FortiAnalyzer unit receives them.

This section includes the following topics:

• Viewing log messages
• Browsing log files
• Customizing the log view
• Searching the logs
• Rolling and uploading logs

Viewing log messages

The Log Viewer displays logs for devices that were added to the device list, as
well as the FortiAnalyzer unit itself, focusing on specific log types and time
frames.

The Log Viewer has two types of log viewing options:

• The Real-time tab displays the log messages most recently received by the
FortiAnalyzer unit. The display refreshes every few seconds, and contains only
the most current entries.

• The Historical tab displays all log messages for the selected log type whose
time stamps are within your specified time frame.

Viewing current log messages

The Real-time tab in Log > Log Viewer updates continually, displaying the most
recent log messages received from the selected device.

To view the most recent logs as they are received, go to Log > Log Viewer >
Real-time.

For more information about log messages, see the FortiGate Log Message
Reference.

Note: FortiAnalyzer units cannot display logs from unregistered devices of unknown types.
Add the device first to view the logs of an unknown type device. For more information about
adding a device to the device list, see “Manually adding a device” on page 80.