FortiGate Version 3.0 MR4 Administration Guide
408 01-30004-0203-20070102
Log severity levels Log&Report
For better log storage and retrieval, the FortiGate unit can send log messages to a
FortiAnalyzer™ unit. FortiAnalyzer units are network appliances that provide
integrated log collection, analysis tools and data storage. Detailed log reports
provide historical as well as current analysis of network and email activity, to help
identify security issues and reduce network misuse. The FortiGate unit can send
all log message types, as well as quarantine files, to a FortiAnalyzer unit for
storage. The FortiAnalyzer unit can upload log files to an FTP server for archival
purposes. See “Logging to a FortiAnalyzer unit” on page 409 for details on
configuring the FortiGate unit to send log messages to a FortiAnalyzer unit.
The FortiGate unit can send log messages to either a Syslog server or
WebTrends server for storage and archival purposes. You can configure the
FortiGate unit to send log messages to its hard disk, if available.
You can also configure the FortiGate unit to log to a FortiGuard Log & Analysis
server after subscribing for FortiGuard Log & Analysis subscription-based
services. The FortiGuard Log & Analysis server enables you to store FortiGate
logs, similar to other logging devices such as a FortiAnalyzer unit or Syslog
server. This service is only available to FortiGate-100 units and lower. The
FortiGuard Log & Analysis subscription-based services will be available soon.
Contact technical support for more information.
The FortiGate unit enables you to view log messages available in memory, on a
FortiAnalyzer unit running firmware version 3.0 or higher, hard disk if available,
and the FortiGuard Log & Analysis server. Customizable filters enable you to
easily locate specific information within the log files.
See the FortiGate Log Message Reference for details and descriptions of log
messages and formats.
Log severity levels
You can define what severity level the FortiGate unit records logs at when
configuring the logging location. The FortiGate unit logs all messages at and
above the logging severity level you select. For example, if you select Error, the
unit logs Error, Critical, Alert and Emergency level messages.
Note: See the FortiGate CLI Reference for details on saving logs to the FortiGate hard
disk.
Table 44: Log severity levels
Levels Description Generated by
0 - Emergency The system has become unstable. Event logs, specifically
administrative events, can
generate an emergency severity
level.
1 - Alert Immediate action is required. Attack logs are the only logs that
generate an Alert severity level.
2 - Critical Functionality is affected. Event, Antivirus, and Spam filter
logs.
3 - Error An error condition exists and
functionality could be affected.
Event and Spam filter logs.
4 - Warning Functionality could be affected. Event and Antivirus logs.
5 - Notification Information about normal events. Traffic and Web Filter logs.
6 - Information General information about system
operations.
Content Archive, Event, and
Spam filter logs.
To Next Page
Loading...
Need help?
General