Log viewing
- July 29, 2016
Hi all,
I'm new to FortiGate UTM appliances, so forgive my ignorance.
I have a FortiGate 30E deployed in a production environment and I have it set up to forward logs to FortiCloud. There are a few things I'm unclear about. In my old SonicWall units, I could send logs to an e-mail address. Those logs used to look like this:
17 | 07/28/2016 13:36:23.064 | Notice | Network Access | UDP packet dropped | 66.186.74.173, 10787, X1 | 76.9., 60771, X1 | UDP Port: 60771
18 | 07/28/2016 13:36:37.112 | Notice | Network Access | ICMP packet dropped due to policy | 45.55.107.153, 3, X1 | 76.9., 3, X1 | ICMP Destination Unreachable, Code: 10
19 | 07/28/2016 13:36:52.128 | Notice | Network Access | TCP connection dropped | 60.249.103.226, 4956, X1 | 76.9., 1433, X1 | TCP RPC Services
20 | 07/28/2016 13:36:55.496 | Debug | Network Access | HTTP method detected; examining stream for host header | 192.168., 49340, X0 | 52.9.90.51, 80, X1 | TCP HTTP
21 | 07/28/2016 13:37:34.464 | Notice | Network Access | UDP packet dropped | 219.79.60.75, 40752, X1 | 76.9., 23653, X1 | UDP Port: 23653
22 | 07/28/2016 13:37:57.224 | Debug | Network Access | HTTP method detected; examining stream for host header | 192.168., 50862, X0 | 52.9.90.51, 80, X1 | TCP HTTP
These logs showed me when traffic was blocked by the WAN->LAN DENY ALL firewall policy. It's a requirement for me to be able to see these blocked connections. In FortiCloud, unless I'm missing it somewhere, I can't find where I would see this. Even statistically, for example, "Top Block Connections" or whatever. The FortiGate's firewall policy is implicit and was created by default, but I have turned on the only logging option that I can on it (see attached screenshot to this post).
Anyone with any insight?
