Description | This article describes how the 'negate' command in debug flow works. |
Scope | FortiGate. |
Solution |
The negate property can be used to exclude an IP address from debug logs. For example, to capture the debug for all sources except the IP 8.8.8.8, run the following configuration:
After running the commands, if any traffic flows through the FortiGate, it is possible to see the output but not for the address 8.8.8.8. In other words, 8.8.8.8 is excluded from the debug.
Related articles: Debugging packet flow - FortiGate Cookbook. Troubleshooting Tip: Enable Policy Trace in Debug Flow. Troubleshooting Tip: First steps to troubleshoot connectivity. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.