FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
awasfi_FTNT
Staff
Staff
Description
When VDOMs are enabled, log disk quota is limited to a default value which varies based on the device model and hardware.

This value can be increased or reduced, however the log quota storage is shared between VDOMs.

Solution
The following commands only available when VDOMs enabled:
config  global
config system resource-limits
set log-disk-quota <quota_size>
end
end

The "get" command can be used to view the current settings including disk quota size:
config  global
config system  resource-limits
get

Also available range of the quota can be confirmed using command:
set log-disk-quota ?

The log-disk-quota is calculated as
(default-maximum storage) - (web-opt disk quota) where web-opt is the quota for web cache and wan optimization.

To check wan optimization and web cache quota use the commands:
config global
config  wanopt storage
edit Internal
get
webcache-storage-size: <quota size>
wan-optimization-cache-storage-size: <quota size>

where Internal is the disk storage name.

However, to guarantee specific log quota for specific VDOM the quota must be set under "vdom-property".
config global
config  system  vdom-property
edit  <vdom1_name>
set log-disk-quota <vdom quota size>
next
edit <vdom2_name>
set log-disk-quota <vdom quota size>
next
end

The quota can then be assigned under each VDOM for disk logging:
config vdom
edit <vdom_name>
config log disk setting
set log-quota 3000

Notes:

1) The total quota cannot be assigned as part of it will be used by reports.

2) To reduce the log quota under "vdom-property" it is necessary to first unset log quota on VDOM under "log disk setting".

Contributors