Logging and reporting, Document conventions – Fortinet 100A User Manual

Introduction Secure

installation, configuration, and management

FortiGate-100A Administration Guide

01-28007-0068-20041203

19

The CLI supports the same configuration and monitoring functionality as the
web-based manager. In addition, you can use the CLI for advanced configuration
options that are not available from the web-based manager.

This Administration Guide contains information about basic and advanced CLI
commands. For a more complete description about connecting to and using the
FortiGate CLI, see the FortiGate CLI Reference Guide.

Logging and reporting

The FortiGate unit supports logging for various categories of traffic and configuration
changes. You can configure logging to:

• report traffic that connects to the firewall,
• report network services used,
• report traffic that was permitted by firewall policies,
• report traffic that was denied by firewall policies,
• report events such as configuration changes and other management events,

IPSec tunnel negotiation, virus detection, attacks, and web page blocking,

• report attacks detected by the IPS,
• send alert email to system administrators to report virus incidents, intrusions, and

firewall or VPN events or violations.

Logs can be sent to a remote syslog server or a WebTrends NetIQ Security Reporting
Center and Firewall Suite server using the WebTrends enhanced log format. Some
models can also save logs to an optional internal hard drive. If a hard drive is not
installed, you can configure most FortiGate units to log the most recent events and
attacks detected by the IPS to the system memory.

Document conventions

This guide uses the following conventions to describe CLI command syntax.

• Angle brackets < > to indicate variables.

For example:

execute restore config <filename_str>