Fortinet FortiLog-400 User Manual

FortiLog CLI reference

CLI commands

FortiLog Administration Guide

05-16000-0082-20050115

101

set log setting syslog remote server
port loglevel

Set the remote syslog severity level
0 = Emergency, 1 = Alert, 2 = Critical, 3 = Error, 4 = Warning, 5 =

Notification, 6 = Information
The log levels will be up to but not higher than the value you set.

set log setting syslog remote server
port loglevel csv
{enable | disable}

Enable or disable CSV format to record log messages to the remote

syslog server in comma-separated value (CSV) formatted files. Log

message fields are separated by commas.

set log policy destination console>

Set the destination where log policy information will reside.

set log policy destination console>event status

Enable or disable the event log recording of management and activity

events. Management events include changes to the FortiLog and

administrator login/logout. System activities include activities such as

IPSec negotiation.

set log policy destination console> event configuration
routegateway| none>

Set the management events and system activities to log.

set log devtype report name name>

Define the report name for a device
• devtype is one of FortiGate, FortiMail, FortiManager and

Syslog

• define a name for the report.

set log devtype report
period {from to

Set the start and ending period the FortiLog unit pulls the data from the

logs.

set log devtype report
period {today | yesterday}

Set the period the FortiLog unit pulls the data from the logs.

set log devtype report
period this {year|quarter|month|week}

Set the period the FortiLog unit pulls the data from the logs.

set log devtype report
period last {year|quarter|month|week}

Set the period the FortiLog unit pulls the data from the logs.

set log devtype report
results {vdom | dev | all}

Set the devices or virtual domains to include in the report.
• all - all available devices
• dev -display results per device
• vdom - display results per virtual domain

set log devtype report
top {x | y}

Set the top values for specific log reports, where the top values are

reported. This can be useful when you have many email clients yet you

only need to report on the top ten.

set log devtype report
resolve {ip |port}

Set the resolving of IP addresses and port numbers to meaningful

names. You must first add IP aliases to use this option. For details, see

the report alias

command on page 92

.

set log devtype report
queryset

Select a defined query profile to use in the report.

set log devtype report
deviceset

Select a defined device profile to use in the report.

set log devtype report
filters

Select a defined filter profile to use in the report.

set log devtype queryset

Select the queries to include in a report and store as a profile for later

use in other reports.

set log devtype deviceset

Select the devices to include in a report and store as a profile for later

use in other reports.