FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article discusses setting a severity-based filter for External Syslog in FortiGate.
Scope
FortiGate.
Solution
When using an external syslog server for receiving logs from FortiGate, there is an option that lets filter it based on the log severity. By setting the severity, the log will include messages under the selected severity and include the above severities. By default, it is set to information.
The severity levels are as below:
Parameter
Description
Emergency
Emergency level.
Alert
Alert level.
Critical
Critical level
Error
Error level.
Warning
Warning level.
Notification
Notification level.
Information*
Information level.
Debug
Debug level.
CLI Command:
config log syslogd filter set severity (parameter) <----- Debug, information*, notification, warning, error, critical, alert, emergency. end
