September 6, 2006

Technical Tip: Configuring logging to the FortiGate local hard disk

Description

This article describes how to configure logging to the FortiGate hard disk.

Scope

All FortiGate units that have an internal hard disk. All FortiOS.

Solution

Since FortiOS v3.0, the configuration of logging to disk has been removed from the web-based manager. It remains an option on FortiGate units equipped with an internal hard disk; however, it must be configured using the Command Line Interface (CLI).

In FortiOS v2.8, the configuration of logging to disk was available in both the web-based manager and the CLI. The following commands can be used in both versions of FortiOS.

To enable logging to the hard disk, use the CLI command:

config log disk setting
    set status enable
end

Once enabled, it is possible to configure logging options for the disk.

It is also possible to set additional filters using the command: 'config log disk filter'.

To verify the presence of an internal hard disk for logging, run the command 'get system status' and look for the 'Log hard disk' field. If it shows 'Log hard disk: Not available', refer to the article Technical Tip: 'Log hard disk: Not available' to troubleshoot the issue.

Additional Note:

The same configuration applies to the newest versions of FortiOS, including v7.2.x, v7.4.x, and v7.6.x.

Because the initial versions of this article were written a long time ago, a few options under these settings might have changed.

As an example, on FortiOS v7.4.8 the options for 'config log disk setting' are as follows:

config log disk setting
    set status enable
    set ips-archive enable
    set max-policy-packet-capture-size 100
    set log-quota 0
    set dlp-archive-quota 0
    set report-quota 0
    set maximum-log-age 7
    set upload disable
    set full-first-warning-threshold 75
    set full-second-warning-threshold 90
    set full-final-warning-threshold 95
    set max-log-file-size 20
    set roll-schedule daily
    set roll-time 00:00
    set diskfull overwrite
end

And for 'config log disk filter':

config log disk filter
    set severity information
    set forward-traffic enable
    set local-traffic enable
    set multicast-traffic enable
    set sniffer-traffic enable
    set ztna-traffic enable
    set anomaly enable
    set voip enable
    set dlp-archive enable
    set gtp enable
    set forti-switch enable
end
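
An added example, not part of the original article or of Fortinet's tooling: a Python check that reads the two blocks above from a saved configuration backup and reports whether disk logging is shown as enabled, whether the three disk-full warning thresholds ascend, the local retention age, and any traffic category excluded from disk logs. The function names, finding texts and sample text are constructed for illustration, and the parser assumes flat blocks with no nested 'config' sections.

```python
# Constructed sample: a config backup excerpt using values from the v7.4.8 listing.
SAMPLE_CONFIG = """\
config log disk setting
    set status enable
    set maximum-log-age 7
    set full-first-warning-threshold 75
    set full-second-warning-threshold 90
    set full-final-warning-threshold 95
    set diskfull overwrite
end
config log disk filter
    set severity information
    set forward-traffic enable
end
"""

THRESHOLDS = ("full-first-warning-threshold", "full-second-warning-threshold",
              "full-final-warning-threshold")

def parse_blocks(text):
    """Map each flat 'config ... end' block to its {option: value} pairs."""
    blocks, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if words[:1] == ["config"]:
            current = blocks.setdefault(" ".join(words[1:]), {})
        elif words == ["end"]:
            current = None
        elif current is not None and len(words) >= 3 and words[0] == "set":
            current[words[1]] = " ".join(words[2:])
    return blocks

def audit_disk_logging(text):
    """Return findings (hypothetical wording) on local log coverage and retention."""
    blocks = parse_blocks(text)
    setting = blocks.get("log disk setting", {})
    filt = blocks.get("log disk filter", {})
    findings = []
    if setting.get("status") != "enable":  # absent means the backup does not show it
        findings.append("status: disk logging is not shown as enabled")
    levels = [int(setting[k]) for k in THRESHOLDS if k in setting]
    if len(levels) == 3 and not levels[0] < levels[1] < levels[2]:
        findings.append("thresholds: disk-full warnings are not ascending")
    if "maximum-log-age" in setting:  # age in days kept on the local disk
        findings.append("retention: %s days on disk" % setting["maximum-log-age"])
    for option, value in sorted(filt.items()):
        if option.endswith("-traffic") and value == "disable":
            findings.append("filter: %s is not logged to disk" % option)
    return findings
```

A backup taken without default values may omit options that are in effect, so a "not shown as enabled" finding should be confirmed on the unit itself.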

 

Note: 

On the FortiGate-30G model, although a log disk is available, it is restricted to 'event' logs only, and logging forward traffic to the disk is not possible. For more information, refer to Technical Tip: Limitations of Disk Logging on FortiGate-30G Firewalls.