Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
aahmadbasri
Staff
Staff

Created on ‎08-13-2024 12:11 AM Edited on ‎08-18-2025 10:53 PM By Community Manager

Article Id 332481

Technical Tip: Add a custom field in FortiGate logs

Description This article describes how to add a custom field in FortiGate logs.
Scope FortiGate, Logs.
Solution

If a specific field  is necessary in FortiGate logs (for example, for logs classification in the Syslog server), the custom field can be added:

 

  1. Configure a custom field with a value :

 

config log custom-field
    edit "CustomLog"        
        set name "Class"            <----- Field Name.
        set value "FortiGate-VM"    <----- Field Value.
    next
end

 

  1. Configure the log setting:

 

config log setting

    set custom-log-fields "CustomLog"

end

 

All logs in FortiGate will be added with the custom field.  Sample Forward Traffic logs:

 

KB_9_1.png

 

Sample System Event Logs:

 

KB_9_2.png

 

Logs sent to the syslog server will include this custom field. 

 

Note:

Changing log field names directly on a FortiGate or FortiGate VM is not supported, as FortiOS relies on a predefined logging structure. The field names are standardized and cannot be modified within the device.

 

 

1474
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.