Log config, Log setting options – Fortinet 100A User Manual

Page 340


01-28007-0068-20041203

Fortinet Inc.

Log Setting options

Log & Report

Figure 182: Example alert email

For descriptions of log formats and specific log messages see the FortiGate Log Message Reference Guide.

This chapter describes:

Log config

Log access

CLI configuration

Log config

Use Log Config to configure log storage, alert emails and log filters.

This section describes:

Log Setting options

Alert E-mail options

Log filter options

Configuring log filters

Enabling traffic logging

Log Setting options

You can enable and configure the storing of log messages to one or more of the following locations:

From: [email protected]
Sent: Tuesday, April 27, 2004 5:30 PM
To: [email protected]
Subject: Message meets Alert condition

Message meets Alert condition
2004-04-27 13:28:52 device_id=APS3012803033139 log_id=0101023002
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode= stage=-112 dir=inbound status=success msg="Initiator: tunnel
172.16.81.1, transform=ESP_3DES, HMAC_SHA1"

Message meets Alert condition
2004-04-27 13:28:54 device_id=APS3012803033139 log_id=0101023004
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode=quick stage=2 dir=outbound status=success msg="Initiator: sent
172.16.81.1 quick mode message #2 (DONE)"

FortiLog

A FortiLog unit. The FortiLog unit is a log analyzer and manager that can combine the log information from various FortiGate units and other firewall units. To enable content archiving with a firewall Protection profile, you need to select the FortiLog option and define its IP address.
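Each message in the example alert email (Figure 182) is a timestamp followed by space-separated key=value fields, with the line wrapped by the mail. The following Python parser is an added example, not part of the Fortinet manual; the function names are its own, and it assumes the wrap fell on a space and that quoted values contain no embedded double quotes.

```python
import re
from datetime import datetime

# Body of the alert email in Figure 182, copied from this page (mail headers omitted).
ALERT_BODY = """\
Message meets Alert condition
2004-04-27 13:28:52 device_id=APS3012803033139 log_id=0101023002
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode= stage=-112 dir=inbound status=success msg="Initiator: tunnel
172.16.81.1, transform=ESP_3DES, HMAC_SHA1"

Message meets Alert condition
2004-04-27 13:28:54 device_id=APS3012803033139 log_id=0101023004
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode=quick stage=2 dir=outbound status=success msg="Initiator: sent
172.16.81.1 quick mode message #2 (DONE)"
"""

MARKER = "Message meets Alert condition"
STAMP = re.compile(r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (.*)")
# A value is either double-quoted (may hold spaces and '=') or a bare token;
# the bare form may be empty, as in "mode=" in the first message.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')


def parse_record(text):
    """Parse one log message whose text may be wrapped across several lines."""
    # Assumption: the mail wrapped the line at a space, so rejoin with one space.
    flat = " ".join(text.split())
    m = STAMP.match(flat)
    if m is None:
        raise ValueError("no leading timestamp in %r" % flat[:40])
    record = {"timestamp": datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")}
    for pair in PAIR.finditer(m.group(2)):
        key, quoted, bare = pair.groups()
        record[key] = quoted if quoted is not None else bare
    return record


def parse_alert_body(body):
    """Split an alert email body on the marker line and parse each message."""
    return [parse_record(chunk) for chunk in body.split(MARKER) if chunk.strip()]


if __name__ == "__main__":
    for rec in parse_alert_body(ALERT_BODY):
        print(rec["timestamp"], rec["log_id"], repr(rec["mode"]), rec["msg"])
```

Because the quoted `msg` value is consumed as a whole, the `transform=ESP_3DES` text inside it is not mistaken for a separate field.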
