Description
In FortiOS 4.0 MR2 and before, other-traffic is not enabled by default.
In FortiOS 4.0 MR3 and later, the setting name is changed to extended-traffic-log and is enabled by default. This may lead to a large increase in traffic log activity being seen after upgrading to FortiOS 4.0 MR3.
Scope
FortiOS 4.0 MR3.
Solution
Configuration for FortiOS 4.0 MR2 and before:
# config log [memory|disk|fortianalyzer|...] filter
# set other-traffic [enable|disable] |
Configuration for FortiOS 4.0 MR3 and later:
# config log [memory|disk|fortianalyzer|...] filter
# set extended-traffic-log [enable|disable] |
In FortiIS 4.0 MR2 the value of other-traffic is disabled by default, in FortiOS 4.0 MR3 the value of extended-traffic-log is enabled by default.
When a FortiGate is upgraded from 4.0 MR2 or before to 4.0 MR3 then the value will be enabled even if the previous setting of other-traffic was disabled.
The setting should be disabled if this type of log is not required.
Related Articles
What does the log filter setting "other-traffic" display?
