Fortigate and Syslog Question

Question

-Fortigate 300D-Firmware 5.2.6 build 711 Logs are being sent to a Syslog server, and appear to be Information severity/priority level. This is way too much logging. I would like to drop this down to Notification or Warning level. In the GUI or CLI, I don't see a way to adjust the level, only enable/disable "Endpoint Event," "Router Activity Event, "VPN Activity event" and so on for the VDOMs.   How can the logging level for Syslogs on the Fortigate be adjusted, or is it a matter of filtering what gets logged at the Syslog server?

Jeff_FTNT · Answer

You may go to CLI :config  log  syslogd filter    FG200B3910600188 (filter) # get  severity            : information  forward-traffic     : enable  local-traffic       : enable  multicast-traffic   : enable  sniffer-traffic     : enable  anomaly             : enable  netscan-discovery   : enable  netscan-vulnerability: enable  voip                : enable

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded