Fortigate - Logging

Enable logging per firewall policy:

config firewall policy
edit <policy id>
set logtrafffic-start enable

Set severity log globally to information level:

config log memory filter
set severity information

The Log all events must be enabled via GUI per policy as well.

Ignore broadcast log messages on log files:

config log setting
set local-in-deny disable

The default is enable.

This example shows how to enable logging to a remote Syslog server, configure an IP address and port for the server, and set the facility type to user:

config log syslogd setting
 set status enable
 set server
 set port 514
 set facility user

config log syslogd filter
 set severity error

How to display the configuration for logging to a remote syslog server:

show log syslogd setting

If the show command returns you to the prompt, the settings are at default.

Sources * * *