
Recording logs in system memory, Filtering log messages – Fortinet FortiGate 100 User Manual

FortiGate-100 Installation and Configuration Guide, page 251
Logging and reporting

Recording logs in system memory

If your FortiGate unit does not contain a hard disk, you can use the following
procedure to configure the FortiGate unit to reserve some system memory for storing
current event, attack, antivirus, web filter and email filter log messages. Logging to
memory allows quick access to only the most recent log entries. The FortiGate unit
can store a limited number of messages in system memory. After all available memory
is used, the FortiGate unit deletes the oldest messages. If the FortiGate unit restarts,
the log entries are lost.

To record logs in system memory:

1. Go to Log&Report > Log Setting.

2. Select Log to memory.

3. Select the severity level for which you want to record log messages.
   The FortiGate will log all levels of severity down to but not lower than the level you
   choose. For example, if you want to record emergency, alert, critical, and error
   messages, select Error.

4. Select Config Policy.
   To configure the FortiGate to filter the types of logs and events to record, use the
   procedures in “Filtering log messages” on page 251.

5. Select Apply.
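The combined effect of the severity level and the limited memory described above, as an added example that is not from the Fortinet guide: a small Python model of a memory log that keeps the selected level and above and deletes the oldest entry when full. The capacity of 4, the sample messages, and the severity names below Error (standard syslog names) are assumptions.

```python
from collections import deque

# Syslog severity order, most severe first. The page names the first four;
# the remaining names are the standard syslog ones (assumed for this unit).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "information", "debug"]
RANK = {name: i for i, name in enumerate(SEVERITIES)}


class MemoryLog:
    """Model of a fixed-size in-memory log with a severity threshold."""

    def __init__(self, threshold, capacity):
        self.threshold = RANK[threshold]
        # deque(maxlen=...) drops the oldest entry once capacity is reached.
        self.entries = deque(maxlen=capacity)

    def record(self, severity, message):
        # Keep the selected level and everything more severe than it.
        if RANK[severity] <= self.threshold:
            self.entries.append((severity, message))
            return True
        return False

    def restart(self):
        # Entries held in memory do not survive a restart.
        self.entries.clear()


def replay(threshold, capacity, events):
    """Feed events to a fresh log and return what is still stored."""
    log = MemoryLog(threshold, capacity)
    for severity, message in events:
        log.record(severity, message)
    return list(log.entries)


# Constructed sample: one alert followed by routine low-severity messages.
SAMPLE_EVENTS = [("alert", "admin login failed")] + [
    ("information", f"session {n} closed") for n in range(5)
]

if __name__ == "__main__":
    for level in ("error", "information"):
        print(level, "->", replay(level, capacity=4, events=SAMPLE_EVENTS))
```

With the threshold at Error the alert is still in memory after the run; with a lower threshold the routine messages fill the buffer and the alert is the first entry deleted.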

Filtering log messages

You can configure which logs to record and which message categories to record in
each log.

1. Go to Log&Report > Log Setting.

2. Select Config Policy for the log location that you selected in “Recording logs” on
   page 249.

3. Select the log types that you want the FortiGate unit to record.

Note: The FortiGate unit can only record the event and attack log messages in system memory.

Traffic Log: Record all connections to and through the interface. To configure traffic filtering, see “Adding traffic filter entries” on page 254.

Event Log: Record management and activity events in the event log. Management events include changes to the system configuration as well as administrator and user logins and logouts. Activity events include system activities, such as VPN tunnel establishment and HA failover events.

Virus Log: Record virus intrusion events, such as when the FortiGate unit detects a virus, blocks a file type, or blocks an oversized file or email.

Web Filtering Log: Record activity events, such as URL and content blocking, and exemption of URLs from blocking.

Attack Log: Record attacks detected by the NIDS and prevented by the NIDS Prevention module.