Data Leak Prevention Log; Application Control Log - Fortinet FortiGate Series Administration Manual
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
Configuring Event logging
Data Leak Prevention log
Application Control log
718
Pattern update
All pattern update events, such as antivirus and IPS pattern updates and
update failures.
event
SSL VPN user
All user authentication events for an SSL VPN connection, such as logging
in, logging out and timeout due to inactivity.
authentication event
SSL VPN
All administration events related to SSL VPN, such as SSL configuration
and CA certificate loading and removal.
administration event
SSL VPN session
All session activity such as application launches and blocks, timeouts, and
verifications.
event
VIP ssl event
All server-load balancing events happening during SSL sessions, especially
details about handshaking.
VIP server health
All related VIP server health monitor events that occur when the VIP health
monitor is configured, such as an interface failure.
monitor event
CPU & memory
All real-time CPU and memory events, at 5-minute intervals.
usage (every 5 min)
Data Leak Prevention (DLP) provides additional information for administrators that can
better analyze and detect data leaks. You can enable logging of your configured settings
for Data Leak Prevention in a protection profile.
Before enabling logging of DLP events, verify that the correct DLP sensor is available for
what you want to log. A DLP sensor is required for both logging and DLP archiving of DLP
events. You cannot apply multiple DLP sensors for logging or DLP archiving of DLP
events.
To enable logging of Data Leak Prevention settings
1 Go to Firewall > Protection Profile.
2 Select the Expand Arrow to view the policy list for a policy.
3 Select Edit beside the policy that you want.
4 Select the Expand Arrow to view the Data Leak Prevention options.
5 Select the check box next to the sensor list.
6 Select a sensor from the list.
7 Select the Expand Arrow to view the Logging options.
8 Select the Data Leak Prevention Log DLP check box.
This log file includes IPS, IM/P2P and VoIP events that the FortiGate unit records. The
application control log also includes some IPS activities.
Before enabling logging of Application Control events, verify that the correct application
control list is available for what you want to log. An application control list is required for
logging application control events.
To enable logging of Application Control settings
1 Go to Firewall > Protection Profile.
2 Select Edit beside the protection profile that you want.
3 Select the Expand arrow to expand Application Control.
4 Select the check box beside the application control list.
5 Select a list from the application control list.
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
Log&Report
•
Feedback
Advertisement
Table of Contents
