In this example, you will enable logging to capture the details of the network traffic processed by your FortiGate unit. Capturing log details will provide you with detailed traffic information that you can use to asses any network issues.
Find this recipe for other FortiOS versions
5.2 | 5.4
1. Recording log messages and enabling event logging
|Go to Log & Report > Log Config > Log Settings.Select where log messages will be recorded. You can save log messages to disk if it is supported by your FortiGate unit, to a FortiAnalyzer or FortiManager unit if you have one, or to FortiCloud if you have a subscription. Each of these options allow you to record and view log messages and to create reports based on them.In most cases, it is recommended to Send Logs to FortiCloud, as shown in the example.
Next, enable Event Logging. You can choose to Enable All types of logging, or specific types, such as WiFi activity events, depending on your needs.
Under the GUI Preferences, ensure that the Display Logs From is set to the same location where the log messages are recorded (in the example, FortiCloud).
2. Enabling logging in the security policies
|Go to Policy & Objects > Policy > IPv4. Edit the policies controlling the traffic you wish to log.Under Logging Options, select All Sessions. In most cases, you should select Security Events, as All Sessions requires more system resources and storage space. For now, however, All Sessions will be used to verify that logging has been set up successfully.|
|View traffic logs by going to Log & Report > Traffic Log > Forward Traffic. The logs display a variety of information about your traffic, including date/time, source, device, and destination.To change the information shown, right-click on any column title and select Column Settings to enable or disable different columns.|
Latest posts by Victoria Martin (see all)
- Episode 16: FortiGate Troubleshooting – Common Issues & Solutions - September 6, 2017
- Security Fabric Collection - August 24, 2017
- FortiManager in the Security Fabric - August 24, 2017