Log policy, 45 log policy – Fortinet FortiLog-400 User Manual

Managing the FortiLog unit

Config

FortiLog Administration Guide

05-16000-0082-20050115

45

Log policy

Select Config Policy to configure the FortiLog unit to send event log messages to a
local or remote syslog server.

Enable Event Log to record management and activity events. Management events
include changes to the FortiLog unit configuration as well as administrator and user
logins and logouts. Activity events include system activities such as IPSec negotiation
events

Figure 16: Config log policy

Level

Select the severity level for which you want to record log messages to a

remote syslog server. The FortiLog unit logs all levels of severity down to,

but not lower than, the level you select. For example, if you want to record

emergency, alert, critical, and error messages, select Error.

“Log policy”

on page 45

lists the log message levels.

Config Policy

Select Config policy for which activities you want the FortiLog unit to

record log messages.

CSV format

Enable CSV format to record log messages in comma-separated value

(CSV) formatted files. Log message fields are separated by commas.

Levels

Description

Generated by

0 - Emergency

The system has become unstable.

Emergency messages not

available.

1 - Alert

Immediate action is required.

NIDS attack log messages.

2 - Critical

Functionality is affected.

DHCP

3 - Error

An error condition exists and functionality

could be affected.

Error messages not available.

4 - Warning

Functionality could be affected.

Antivirus, Web filter, email filter,

and system event log messages.

5 - Notice

Information about normal events.

Antivirus, Web filter, and email

filter log messages.

6 - Information

General information about system

operations.

Antivirus, Web filter, email filter log

messages, and other event log

messages.