FortiGate Version 3.0 MR4 Administration Guide
418 01-30004-0203-20070102
Log types Log&Report
Attack log
The Attack Log records attacks detected and prevented by the FortiGate unit. The
FortiGate unit logs the following:
To enable the attack logs
1 Go to Firewall > Protection Profile.
2 Select edit for a protection profile.
3 Select the blue arrow to expand the Logging options.
4 Select Log Intrusions
5 Select OK.
Spam filter log
The Spam Filter Log records blocking of email address patterns and content in
SMTP, IMAP and POP3 traffic.
To enable the Spam log
1 Go to Firewall > Protection Profile.
2 Select edit for a protection profile.
3 Select the blue arrow to expand the Logging options.
4 Select the Log Spam.
5 Select OK.
IM and P2P log
The Instant Message (IM) and Peer-to-Peer (P2P) log records instant message
text and audio communications, file transfers attempted by users, the time the
transmission was attempted, the type of IM application used and the content of
the transmission.
To enable IM and P2P logs
1 Go to Firewall > Protection Profile.
2 Select the Edit icon for a protection profile.
3 Select the blue arrow to expand the Logging options.
4 Select Log IM Activity
5 Select Log P2P Activity
6 Select OK.
Attack Signature The FortiGate unit logs all detected and prevented attacks based on
the attack signature, and the action taken by the FortiGate unit.
Attack Anomaly The FortiGate unit logs all detected and prevented attacks based on
unknown or suspicious traffic patterns, and the action taken by the
FortiGate unit.
Note: Make sure attack signature and attack anomaly settings are enabled to log the
attack. The logging options for the signatures included with the FortiGate unit are set by
default. Ensure any custom signatures also have the logging option enabled. For details,
see “Intrusion Protection” on page 349.