FortiGate logging troubleshooting

Facebooktwittergoogle_pluslinkedinFacebooktwittergoogle_pluslinkedin

This section contains tips to help you with some common challenges of FortiGate logging.

No log messages appear in the GUI.

Ensure that logging is enabled in both the Log Settings and the policy used for the traffic you wish to log, as logging will not function unless it is enabled in both places.

If logging is enabled in both places, check that the policy in which logging is enabled is the policy being used for your traffic. Also make sure that the policy is getting traffic by going to the policy list and adding the Sessions column to the list.

Logs from a FortiAnalyzer, FortiManager, or from FortiCloud do not appear in the GUI.

Ensure that the correct log source has been selected in the Log Settings, under GUI Preferences.

If logs still do not appear, use the following CLI command:

config system global
  set gui-lines-per-page 20
end

The FortiGate unit’s performance level has decreased since enabling disk logging.

If enabling disk logging has impacted overall performance, change the log settings to either send logs to a FortiAnalyzer unit, a FortiManager unit, or to FortiCloud.

Logging to a FortiAnalyzer unit is not working as expected.

The firmware for the FortiGate and FortiAnalyzer units may not be compatible. Check the firmware release notes, found at support.fortinet.com, to see if this is the case.

Victoria Martin

Victoria Martin

Technical Writer at Fortinet
Victoria Martin works in Ottawa as part of the FortiOS technical documentation team. She graduated with a Bachelor's degree from Mount Allison University, after which she attended Humber College's book publishing program, followed by the more practical technical writing program at Algonquin College. She does need glasses but also likes wearing them, since glasses make you look smarter.
Victoria Martin

Latest posts by Victoria Martin (see all)

Facebooktwittergoogle_pluslinkedinFacebooktwittergoogle_pluslinkedin