Log&Report FortiGate logging
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 647
http://docs.fortinet.com/ • Feedback
Log&Report
FortiGate units provide extensive logging capabilities for traffic, system and network
protection functions. They also allow you to compile reports from the detailed log
information gathered. Reports provide historical and current analysis of network activity to
help identify security issues that will reduce and prevent network misuse and abuse.
This section provides information about how to enable logging, view log messages, and
configure reports. If you have VDOMs enabled, see “Using virtual domains” on page 103
for more information.
The following topics are included in this section:
• FortiGate logging
• FortiGuard Analysis and Management Service
• Log severity levels
• High Availability cluster logging
• Storing logs
• Log types
• Accessing Logs
• Viewing log information
• Customizing the display of log messages
• Content Archive
• Alert Email
• Reports
FortiGate logging
A FortiGate unit can log many different network activities and traffic including:
• overall network traffic
• system-related events including system restarts, HA and VPN activity
• anti-virus infection and blocking
• web filtering, URL and HTTP content blocking
• signature and anomaly attack and prevention
• spam filtering
• Instant Messaging and Peer-to-Peer traffic
• VoIP telephone calls.
When customizing the logging location, you can also customize what minimum log
severity level the FortiGate unit should log these events at. There are six severity levels to
choose from. For more information, see “Log severity levels” on page 649.
Note: If the FortiGate unit is in Transparent mode, certain settings and options for logging
may not be available because certain features do not support logging, or are not available
in Transparent mode. For example, SSL VPN events are not available in Transparent
mode.
To Next Page
Loading...