Filtering Log Messages - Fortinet FortiGate FortiGate-800 Installation And Configuration Manual

Logging and reporting

Filtering log messages

FortiGate-800 Installation and Configuration Guide
You can configure the logs that you want to record and the message categories that
you want to record in each log.
To filter log entries
1 Go to Log&Report > Log Setting.
2 Select Config Policy for the log location that you selected in
page 309.
3 Select the log types that you want the FortiGate unit to record.
Traffic Log
Event Log
Virus Log
Web Filtering Log Record activity events, such as URL and content blocking, and exemption
Attack Log
Email Filter Log
Update
4 Select the message categories that you want the FortiGate unit to record if you
selected Event Log, Virus Log, Web Filtering Log, Attack Log, Email Filter Log, or
Update in step 3.
5 Select OK.
Record all connections to and through the interface.
To configure traffic filtering, see
Record management and activity events in the event log.
Management events include changes to the system configuration as well
as administrator and user logins and logouts. Activity events include
system activities, such as VPN tunnel establishment and HA failover
events.
Record virus intrusion events, such as when the FortiGate unit detects a
virus, blocks a file type, or blocks an oversized file or email.
of URLs from blocking.
Record attacks detected by the NIDS and prevented by the NIDS
Prevention module.
Record activity events, such as detection of email that contains unwanted
content and email from unwanted senders.
Record log messages when the FortiGate connects to the FDN to
download antivirus and attack updates.
Filtering log messages
"Recording logs" on
"Adding traffic filter entries" on page 316.
313