Table of Contents
Advertisement
Log&Report
Logging to a Syslog server
1
2
3
4
Logging to WebTrends
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102
The syslog is a remote computer running a syslog server. Syslog is an industry
standard used to capture log information provided by network devices.
Figure 278:Logging to a Syslog server
To configure the FortiGate unit to send logs to a syslog server
Go to Log&Report > Log Config > Log Setting.
Select Syslog.
Select the blue arrow to expand the Syslog options.
Set the following syslog options and select Apply:
Name/IP
The domain name or IP address of the syslog server.
Port
The port number for communication with the syslog server, typically
port 514.
Level
The FortiGate unit logs all messages at and above the logging
severity level you select. For details on the logging levels, see
Table 44, "Log severity levels," on page
Facility
Facility indicates to the syslog server the source of a log message.
By default, FortiGate reports Facility as local7. You may want to
change Facility to distinguish log messages from different FortiGate
units.
Enable CSV Format If you enable CSV format, the FortiGate unit produces the log in
Comma Separated Value (CSV) format. If you do not enable CSV
format the FortiGate unit produces plain text files.
Note: If more than one Syslog server is configured, the Syslog servers and their settings
display on the Log Settings page.
WebTrends is a remote computer running a NetIQ WebTrends firewall reporting
server. FortiGate log formats comply with WebTrends Enhanced Log Format
(WELF) and are compatible with NetIQ WebTrends Security Reporting Center and
Firewall Suite 4.1.
Use the command line interface to configure the FortiGate unit to send log
messages to WebTrends. After logging into the CLI, enter the following
commands:
config log webtrends setting
set
server <address_ipv4>
set
status {disable | enable}
end
Storing Logs
408.
413
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
