FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the situation when FortiGate is sending web-filter events/logs to a syslog server and if one wants to block or disable these system events logs to the Syslog server.
Scope
FortiGate.
Solution
Event Logs: 'Blocked URL belongs to a denied category in policy'.
If traffic is getting denied by the web-filter profile and FortiGate is sending logs to a Syslog server. It is not desired to send these event logs, it is possible to disable it by running the following commands:
config logs syslogd filter
config free-style
edit1
set category webfilter
set filter "(logid 0100032002 0100041000)" -> logs wanted to be blocked.
set filter-type exclude
next
end
Note: If FIPS-CC is enabled on the device, the command 'config free-style' will not be available.
