Skip to main content
bjackson2
bjackson2
New Member
December 31, 2015
Question

IPS Packet Logging

  • December 31, 2015
  • 1 reply
  • 9436 views

I have 2 questions that I was hoping someone would be able to provide insight on...

 

1) If I enabled packet logging on my IPS sensors, will that enable me to download the packets that triggered an alert in the form of a PCAP file? Or will that simply add more packet information to the log files?

 

2) If I enable packet logging, what possible "side-effects" should I expect to see (i.e. drastic increase in memory/CPU usage, the disk fills up quicker than expected, etc...)?

 

Thank You!!

    1 reply

    awasfi_FTNT
    Staff
    awasfi_FTNT
    Staff
    January 4, 2016

    Hello,

     

    Please refer to the following links:

    1) http://help.fortinet.com/fgt/handbook/cli52_html/index.html#page/FortiOS%25205.2%2520CLI/config_ips.15.6.html

     

    2) http://help.fortinet.com/fos50hlp/52data/index.htm#FortiOS/fortigate-security-profiles-52/IPS/Enable IPS packet logging.htm?Highlight=log-packet

     

    Regards

    Terms & ConditionsAccessibility statement