Fortinet Gate 60D - Accessing Logs; Accessing Logs Stored in Memory; Accessing Logs Stored on the Hard Disk

To Next Page

To Previous Page

Accessing Logs Log&Report

FortiGate Version 4.0 Administration Guide

662 01-400-89802-20090424

http://docs.fortinet.com/ • Feedback

You can view attack log messages from either the Memory or Remote tab.

To enable the attack logs

1 Go to Firewall > Protection Profile.

2 Select Edit beside the protection profile that you want.

3 Select the Expand Arrow beside Logging to reveal the available options.

4 Select Log Intrusions under IPS.

5 Select OK.

Accessing Logs

You can use the Log Access feature in the FortiGate web-based manager to view logs

stored in memory, on a hard disk, or stored on a FortiAnalyzer unit running FortiAnalyzer

3.0, or on the FortiGuard Analysis server.

Log Access provides tabs for viewing logs according to these locations. Each tab provides

options for viewing log messages, such as search and filtering options, and choice of log

type. The Remote tab displays logs stored on either the FortiGuard Analysis server or

FortiAnalyzer unit, whichever one is configured for logging.

For the FortiGate unit to access logs on a FortiAnalyzer unit, the FortiAnalyzer unit must

run firmware version 3.0 or higher.

Accessing logs stored in memory

You can access logs stored in the FortiGate system memory from the Memory tab. The

traffic log type is not available in the Log Type list because the FortiGate system memory

is unable to store them; however, you can view attack logs.

To view log messages in the FortiGate memory buffer, go to Log&Report > Log Access,

select the Memory tab, and then select a log type from the Log Type list.

Accessing logs stored on the hard disk

You can access logs stored on the hard disk if your FortiGate unit has a hard disk. Logs

stored on the hard disk are available for viewing in the Disk tab. You can view, navigate,

and download logs stored on the hard disk.

To access log files on the hard disk, go to Log&Report > Log Access, select the Disk tab,

and then select a log type from the Log Type list. The FortiGate unit displays a list of rolled

log files. You can view log messages when you select the View icon.

Note: Make sure attack signature and attack anomaly DoS sensor settings are enabled to

log the attack. The logging options for the signatures included with the FortiGate unit are

set by default. Ensure any custom signatures also have the logging option enabled. For

more information, see “Intrusion Protection” on page 455.