log all IPS hits

Hi, new on the forums and fairly new to Fortigate.

So...

The default action on a lot of IPS signatures is Pass. But action Pass produces no logging!

I would like to at least log ALL hits to any signature.

Can this be done easily?

[ul]

An IPS Filter (which allows changing the action for a set of signatures) does not allow for filtering on the default action.

Adding all signatures manually is not feasible (nor manageable), a few thousand signatures would have to be added manually...[/ul]

New Member

You can delete this thread, was posted double...

Sign up