Logging and reporting Configuring traffic logging
FortiGate-400 Installation and Configuration Guide 287
5 Repeat this procedure for each VLAN subinterface for which you want to enable
logging.
Enabling traffic logging for a firewall policy
If you enable traffic logging for a firewall policy, all connections accepted by firewall
policy are recorded in the traffic log.
1 Go to Firewall > Policy.
2 Select a policy tab.
3 Select Log Traffic.
4 Select OK.
Configuring traffic filter settings
Use the following procedure to configure the information recorded in all traffic log
messages.
1 Go to Log&Report > Log Setting > Traffic Filter.
2 Select the settings that you want to apply to all Traffic Log messages.
3 Select Apply.
Figure 44: Example traffic filter list
Resolve IP Select Resolve IP if you want traffic log messages to list the IP address
and the domain name stored on the DNS server. If the primary and
secondary DNS server addresses provided to you by your ISP have not
already been added, go to System > Network > DNS and add the
addresses.
Type Select Session or Packet. If you select Session, the FortiGate unit records
the number of packets sent and received for each session. If you select
Packet, the FortiGate unit records the average packet length for each
session (in bytes).
Display Select Port Number if you want traffic log messages to list the port
number, for example, 80/tcp. Select Service Name if you want traffic log
messages to list the name of the service, for example, TCP.
To Next Page
Loading...
