Visitor III

Solved

If I Put UTM in the firewall policy will it collect logs?

Forum|Forum|4 years ago
May 10, 2022
3 replies
5085 views

Or where can I get the logs output?

FortiGate

Best answer by iskandar_lie

Hi,

Under the security profile, start from Antivirus, and so fort - they are UTM. You can enable it by pressing the slide.

this is to clarify you question about UTM and Sec. events :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Difference-between-Security-Events-and-All-session/ta-p/206881

Regards,

Lie

jintrah_FTNT

Staff

Hi,

In the firewall policy, you may enabled UTM as needed to record security events by default. There is also an option to log all sessions,

The logs can be viewed under Log & Report section provided logging to memory/disk/FortiAnalyzer have been enabled( for ref on memory logging, Technical Note: How to configure logging in memory... - Fortinet Community).

best regards,

Jin

Network_EngineerAuthor

Visitor III

Hi,

In your screenshot, where is the option to enable UTM?

What is the difference between UTM and security events?

iskandar_lieAnswer

Staff

Hi,

Under the security profile, start from Antivirus, and so fort - they are UTM. You can enable it by pressing the slide.

this is to clarify you question about UTM and Sec. events :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Difference-between-Security-Events-and-All-session/ta-p/206881

Regards,

Lie

Rathan_FTNT

Staff

Hello,

Also, you can set the log severity to information to view almost all logs

The command in CLI will be as below

config log memory filter
set severity information
end

Similarly, for analyzer, you can replace "memory" with "analyzer" for sys log "syslog"

Refer to the below log severity levels

https://docs2.fortinet.com/document/fortimanager/6.0.10/log-message-reference/547625/priority-levels

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded