Log types Log&Report
FortiGate Version 4.0 Administration Guide
660 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
4 Select Apply.
Data Leak Prevention log
Data Leak Prevention (DLP) provides additional information for administrators that can
better analyze and detect data leaks. You can enable logging of your configured settings
for Data Leak Prevention in a protection profile.
Before enabling logging of DLP events, verify that the correct DLP sensor is available for
what you want to log. A DLP sensor is required for both logging and content archiving of
DLP events. You cannot apply multiple DLP sensors for logging or content archiving of
DLP events.
To enable logging of Data Leak Prevention settings
1 Go to Firewall > Protection Profile.
2 Select the Expand Arrow to view the policy list for a policy.
3 Select Edit beside the policy that you want.
4 Select the Expand Arrow to view the Data Leak Prevention options.
5 Select the check box next to the sensor list.
6 Select a sensor from the list.
7 Select the Expand Arrow to view the Logging options.
8 Select the Data Leak Prevention Log DLP check box.
Application Control log
This log file includes IPS, IM/P2P and VoIP events that the FortiGate unit records. The
application control log also includes some IPS activities.
Before enabling logging of Application Control events, verify that the correct application
control list is available for what you want to log. An application control list is required for
logging application control events.
To enable logging of Application Control settings
1 Go to Firewall > Protection Profile.
2 Select Edit beside the protection profile that you want.
3 Select the Expand arrow to expand Application Control.
4 Select the check box beside the application control list.
5 Select a list from the application control list.
6 Select the Expand Arrow to expand the Logging options.
7 Select the Log Application Control check box.
Antivirus log
The Antivirus log records virus incidents in Web, FTP, and email traffic. For example,
when the FortiGate unit detects an infected file, blocks a file type, or blocks an oversized
file or email that is logged, it records an antivirus log. You can also apply filters to
customize what the FortiGate unit logs, which are:
VIP server health
monitor event
All related VIP server health monitor events that occur when the VIP
health monitor is configured, such as an interface failure.
CPU & memory
usage (every 5 min)
All real-time CPU and memory events, at 5-minute intervals.
To Next Page
Loading...