Logging FortiGate traffic

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

In this example, you will enable logging to capture the details of the network traffic processed by your FortiGate unit. Capturing log details will provide you with detailed traffic information that you can use to asses any network issues.

 

 

Find this recipe for other FortiOS versions
5.2 | 5.4

1. Recording log messages and enabling event logging

 
Go to Log & Report > Log Config > Log Settings.Select where log messages will be recorded. You can save log messages to disk if it is supported by your FortiGate unit, to a FortiAnalyzer or FortiManager unit if you have one, or to FortiCloud if you have a subscription. Each of these options allow you to record and view log messages and to create reports based on them.In most cases, it is recommended to Send Logs to FortiCloud, as shown in the example.

Next, enable Event Logging. You can choose to Enable All types of logging, or specific types, such as WiFi activity events, depending on your needs.

Under the GUI Preferences, ensure that the Display Logs From is set to the same location where the log messages are recorded (in the example, FortiCloud).

2. Enabling logging in the security policies

 
Go to Policy & Objects > Policy > IPv4. Edit the policies controlling the traffic you wish to log.Under Logging Options, select All Sessions. In most cases, you should select Security Events, as All Sessions requires more system resources and storage space. For now, however, All Sessions will be used to verify that logging has been set up successfully.

3. Results

 
View traffic logs by going to Log & Report > Traffic Log > Forward Traffic. The logs display a variety of information about your traffic, including date/time, source, device, and destination.To change the information shown, right-click on any column title and select Column Settings to enable or disable different columns.

For further reading, check out Logging and reporting overview in the FortiOS 5.2 Handbook.

Victoria Martin

Victoria Martin

Technical Writer & Head Cookbook Chef at Fortinet
Victoria Martin works in Ottawa as part of the FortiOS technical documentation team. She graduated with a Bachelor's degree from Mount Allison University, after which she attended Humber College's book publishing program, followed by the more practical technical writing program at Algonquin College. She does need glasses but also likes wearing them, since glasses make you look smarter.
Victoria Martin

Latest posts by Victoria Martin (see all)

  • Was this helpful?
  • Yes   No