Log Severity Levels - Fortinet Fortigate-5000 series Administration Manual


Log severity levels

For better log storage and retrieval, the FortiGate unit can send log messages to a
FortiAnalyzer™ unit. FortiAnalyzer units are network appliances that provide
integrated log collection, analysis tools and data storage. Detailed log reports
provide historical as well as current analysis of network and email activity, to help
identify security issues and reduce network misuse. The FortiGate unit can send
all log message types, as well as quarantine files, to a FortiAnalyzer unit for
storage. The FortiAnalyzer unit can upload log files to an FTP server for archival
purposes. See "Logging to a FortiAnalyzer unit" on page 409 for details on
configuring the FortiGate unit to send log messages to a FortiAnalyzer unit.
The FortiGate unit can send log messages to either a Syslog server or
WebTrends server for storage and archival purposes. You can configure the
FortiGate unit to send log messages to its hard disk, if available.
You can also configure the FortiGate unit to log to a FortiGuard Log & Analysis
server after subscribing for FortiGuard Log & Analysis subscription-based
services. The FortiGuard Log & Analysis server enables you to store FortiGate
logs, similar to other logging devices such as a FortiAnalyzer unit or Syslog
server. This service is only available to FortiGate-100 units and lower. The
FortiGuard Log & Analysis subscription-based services will be available soon.
Contact technical support for more information.
The FortiGate unit enables you to view log messages available in memory, on a
FortiAnalyzer unit running firmware version 3.0 or higher, hard disk if available,
and the FortiGuard Log & Analysis server. Customizable filters enable you to
easily locate specific information within the log files.
See the FortiGate Log Message Reference for details and descriptions of log
messages and formats.
Note: See the FortiGate CLI Reference for details on saving logs to the FortiGate
hard disk.
You can define what severity level the FortiGate unit records logs at when
configuring the logging location. The FortiGate unit logs all messages at and
above the logging severity level you select. For example, if you select Error, the
unit logs Error, Critical, Alert and Emergency level messages.
Table 44: Log severity levels

| Levels | Description | Generated by |
|---|---|---|
| 0 - Emergency | The system has become unstable. | Event logs, specifically administrative events, can generate an emergency severity level. |
| 1 - Alert | Immediate action is required. | Attack logs are the only logs that generate an Alert severity level. |
| 2 - Critical | Functionality is affected. | Event, Antivirus, and Spam filter logs. |
| 3 - Error | An error condition exists and functionality could be affected. | Event and Spam filter logs. |
| 4 - Warning | Functionality could be affected. | Event and Antivirus logs. |
| 5 - Notification | Information about normal events. | Traffic and Web Filter logs. |
| 6 - Information | General information about system operations. | Content Archive, Event, and Spam filter logs. |
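The following is an added example, not taken from the Fortinet manual: it applies the "at and above" threshold rule to key=value log lines and flags records whose log type is not listed for their level in Table 44. The field names `type` and `pri`, the lowercase type tokens, and all sample lines are assumptions constructed for illustration.

```python
import re

# Table 44: severity number -> (name, log types listed under "Generated by").
# The lowercase type tokens are assumed spellings for this example.
SEVERITY = {
    0: ("emergency", {"event"}),
    1: ("alert", {"attack"}),
    2: ("critical", {"event", "antivirus", "spamfilter"}),
    3: ("error", {"event", "spamfilter"}),
    4: ("warning", {"event", "antivirus"}),
    5: ("notification", {"traffic", "webfilter"}),
    6: ("information", {"contentarchive", "event", "spamfilter"}),
}
NAME_TO_NUM = {name: num for num, (name, _) in SEVERITY.items()}
PAIR = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value or key="quoted value"

def parse(line):
    """Split one log line into a dict of its key=value fields."""
    return {k: v.strip('"') for k, v in PAIR.findall(line)}

def triage(lines, threshold="error"):
    """Return (kept, odd): kept holds records at or above the threshold,
    odd holds records with no usable severity or a type Table 44 does not
    list for that level."""
    limit = NAME_TO_NUM[threshold]
    kept, odd = [], []
    for line in lines:
        rec = parse(line)
        num = NAME_TO_NUM.get(rec.get("pri", "").lower())  # assumed field name
        if num is None:
            odd.append(rec)  # surface it rather than dropping it silently
            continue
        if rec.get("type") not in SEVERITY[num][1]:
            odd.append(rec)
        if num <= limit:  # more severe means a numerically lower level
            kept.append(rec)
    return kept, odd

SAMPLE = [  # constructed lines, not real FortiGate output
    'type=event pri=emergency msg="constructed admin event"',
    'type=attack pri=alert msg="constructed attack log"',
    'type=event pri=error msg="constructed error"',
    'type=traffic pri=notification msg="constructed session"',
    'type=traffic pri=alert msg="constructed mismatch"',
    'type=event msg="constructed, no severity"',
]

if __name__ == "__main__":
    kept, odd = triage(SAMPLE, "error")
    print(len(kept), "kept;", len(odd), "need review")
```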
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102
Log&Report
