Configuring traffic filter settings, Adding traffic filter entries – Fortinet FortiGate 4000 User Manual
Page 313
Logging and reporting
Configuring traffic logging
FortiGate-4000 Installation and Configuration Guide
313
Configuring traffic filter settings
You can configure the information recorded in all traffic log messages.
To configure traffic filter settings
1
Go to Log&Report > Log Setting > Traffic Filter.
2
Select the settings that you want to apply to all traffic log messages.
3
Select Apply.
Figure 93: Example traffic filter list
Adding traffic filter entries
Add entries to the traffic filter list to filter the messages that are recorded in the traffic
log. If you do not add any entries to the traffic filter list, the FortiGate unit records all
traffic log messages. You can add entries to the traffic filter list to limit the traffic logs
that are recorded. You can log traffic with a specified source IP address and netmask,
to a destination IP address and netmask, and for a specified service. A traffic filter
entry can include any combination of source and destination addresses and services.
To add an entry to the traffic filter list
1
Go to Log&Report > Log Setting > Traffic Filter.
2
Select New.
3
Configure the traffic filter for the type of traffic that you want to record on the traffic log.
Resolve IP
Select Resolve IP if you want traffic log messages to list the IP address
and domain name stored on the DNS server. If the primary and secondary
DNS server addresses provided to you by your ISP have not already been
added, go to System > Network > DNS and add the addresses.
Display
Select Port Number if you want traffic log messages to list the port
number, for example, 80/tcp. Select Service Name if you want traffic log
messages to list the name of the service, for example, TCP.
Name
Type a name to identify the traffic filter entry.
The name can contain numbers (0-9), uppercase and lowercase
letters (A-Z, a-z), and the special characters - and _. Spaces and
other special characters are not allowed.
Source IP Address
Source Netmask
Type the source IP address and netmask for which you want the
FortiGate unit to log traffic messages. The address can be an
individual computer, subnetwork, or network.