Fortinet FortiGate Series Administration Manual page 544

Hide thumbs Also See for FortiGate Series:
Table of Contents

Advertisement

IPS sensors
544
Note: Setting
performance of the FortiGate unit because network traffic must be buffered. The
performance penalty depends on the model, the setting, and the traffic load.
To enable packet logging for a signature
1 Create either a pre-defined override or a custom override in an IPS sensor. For more
information. For more information, see
on page
541.
2 Enable Packet Log in the override.
3 Select the IPS sensor in the protection profile applied to the firewall policy that allows
the network traffic the FortiGate unit will examine for the signature.
Viewing and saving logged packets
Once the FortiGate unit logs packets, you can view or save them.
To view and save logged packets
1 Go Log & Report > Log Access.
2 Depending on where the logs are configured to be stored, select the appropriate tab:
• Memory: Select Memory if logs are stored in the FortiGate unit memory.
• Disk: Select Disk if the FortiGate unit has an internal hard disk and logs are stored
there.
• Remote: Select Remote if logs are sent to a FortiAnalyzer unit or to the FortiGuard
Analysis and Management Service.
3 Select the Attack Log log type.
4 Select the Packet Log icon of the log entry you want to view.
The IPS Packet Log Viewer window appears.
Figure 323: Log entry with packet log icon
packet-log-history
"Configuring pre-defined and custom overrides"
1
to a value larger than
can affect the maximum
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
Intrusion Protection
Feedback

Advertisement

Table of Contents
loading

Table of Contents