Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
enguyen3467
Staff
Staff

Created on ‎10-11-2022 04:37 PM

Article Id 226401

Technical Tip: Disable session start logs

Description

This article describes how to disable session start logs.

There are occasions when one wants to disable the traffic logging on some firewall policies due to the need to see only certain logs on other firewall policies on either FortiGate’s GUI or FortiAnalyzer.

The 'Log Allowed Traffic' option is already set off on the GUI:

 

enguyen3467_0-1665524918759.png

 

However, on the FortiGate or FortiAnalyzer or any other syslog servers, one still see the messages 'Accept: session start' with the respective firewall policy name and ID associated:

 

enguyen3467_1-1665524927171.png
Scope All FortiOS version.
Solution

On the CLI, disable the following setting in the firewall policy:

 

# config firewall policy

    edit <id>

      set logtraffic-start enable ---> disable this

    next

  end
1255
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.