Logging all internet traffic

You' ll have to setup a syslog server. Fortinet has a the 3CDaemon available on their FTP site that will run in windows just fine. Then you' ll have to come up with some sort of system for making sense of the logs. Once you' ve setup the syslog server you' ll have to turn it on in the GUI on the 200A under Log&Report -> Log Config. Check the Syslog box and put in the IP. Check the CSV box if you want to make it easier to manipulate with Excel or some such spread sheet. Once you' ve done that go to the Log Filter tab and check the ' Policy Allowed Traffic' box under Syslog. That way you' ll just get traffic and not other things like virii and admin logins. Enjoy... Ryan

I think that' s only going to give you IP addresses. You' ll have to get a log scanning tool to see where they' re going. If you get a subscription to the FortiGuard service you can see where everyone is going and do monitoring/blocking based on category. Then you would set your Log Filter to log all of the " Web Filter Log" section. Alternately you can run a proxy server like Squid and utilize an Open Source tool like SARG to keep track of where your users go.

Check out FortiLog or FortiReporter - http://www.fortinet.com/products/fortilog.html You can download free trial of FortiReporter from the web

An easy-to-setup and use system for doing Fortigate log analytics and intelligence is made by On Garde!, for which you can obtain a free trial from RiskXP. It is capable of real-time rendering, alerting and correlation, and much more. In particulary, with Fortiguard enabled, you get total visibility into individual user' s web activity, and also be alerted to policy abuses that you configure yourself. This is alerting function is available in real-time. Please visit www.ongarde.com, or www.riskxp.com, or feel free to contact me.