Log messages can be stored locally, remotely, or at both locations. For this recipe, we will focus on storing log messages locally on the hard disk of the FortiMail unit.
To ensure that the local hard disk has sufficient space for new log messages, regularly download backup copies of the oldest log files to your computer and then delete them from the FortiMail unit. For more information on downloading logs, see “Viewing log messages” on page 191 of the FortiMail Administrator Guide.
To store log files remotely, see “Configuring logging to a Syslog server or FortiAnalyzer unit” on page 635 of the Administrator Guide.
Configure Log Settings
To access your log messages on the web UI, your administrator account’s Domain must be System and your access profile must have Read or Read-Write permission in the Others category. For more information on permissions, see “About administrator account permission and domains” on page 267.
To configure logging to the local hard disk
- Go to Log and Report > Log Settings > Local Log Settings.
- Select Enable.
- Enter the Log file size, Log time and select the hour of the day when the file rotation begins from the At hour dropdown menu.
Important: Large log files may decrease display and search performance.
- Select the severity level that a log message must equal or exceed in order to be recorded from the Log level dropdown menu.
- Select your desired log option
- Select the types of logs you wish to record in the Logging Policy Configuration section and then select Apply.
For more information on the event logs, see “Choosing which events to log” on page 635 of the Administrator Guide.
Monitoring Log Messages
Once you have configured your log messages, you can view the generated reports from the log data.
To view the list of log files and their contents
- Go to Monitor > Log.
- Select the tab corresponding to the log type you wish to view (History, Event, AntiVirus, AntiSpam, and Encryption).
- Double-click on a log file to display the file’s log messages.