Created on 12-07-2022 09:22 AM Edited on 01-07-2024 10:02 PM By Anthony_E
Description |
This article explains how to configure and use the new 'Policy change summary' and 'audit trail' features. |
Scope |
FortiOS 7.2 and above. |
Solution |
Policy change summary: Each time a firewall policy is created or edited, the administrator will be prompted to write a summary as a record of the changes.
To configure the firewall policy change summary feature in the GUI:
To configure the firewall policy change summary feature in the CLI:
config system settings set gui-enforce-change-summary {disable | require | optional} end
Note: The default option for the policy summary feature is 'required'. However, the option will not be applied until the feature is enabled as in the instructions above.
In a multiple VDOM environment, the policy summary option can be enabled on a per-VDOM basis:
Under Global -> System -> VDOM, select the VDOM and enable the feature with the preferred option:
The Audit trail feature can be used to review the policy change summaries, along with the date and time of each change and a log of which administrator committed the change.
To review the audit trail in the GUI:
Note:
To confirm if the device has a hard disk, check the Data Sheet of the device, or run the below commands on the FortiGate to confirm:
get system status -> Check for 'Log hard disk' get hardware status -> Check for 'Hard disk'
If the device is confirmed to have a hard disk, check if disk logging is enabled/disabled. Enable disk logging to activate Audit trail feature:
config log disk setting set status enable end
After the above changes, refresh the GUI or log out from the firewall's GUI. Open a new web browser session, then log back in. The audit trail feature should be available on Firewall Policy.
Debug logs from httpsd debugging:
diagnose debug reset diagnose debug application httpsd -1 diagnose debug console time enable diagnose debug enable
To disable the debugging:
diagnose debug disable diagnose debug reset
Related articles: Log hard disk: 'Not available' message when hard disk is present in the unit Technical Tip: 'Log hard disk: Not available' message when hard disk is present in the unit FortiGate Debugger Chrome Extension Technical Tip: FortiGate Support Tool - Google Chrome Extension for troubleshooting GUI issues |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.