Lovepreet_Dhillon
Description

This article explains how to configure and use the new 'Policy change summary' and 'Audit trail' features.

Scope

FortiOS 7.2 and above.

Solution

Policy change summary: Each time a firewall policy is created or edited, the administrator will be prompted to write a summary as a record of the changes.

 

To configure the firewall policy change summary feature in the GUI:

1) Go to System -> Feature Visibility.

2) Enable Workflow Management.

3) Select Apply.

4) Go to System -> Settings.

5) Enable Policy change summary.

 


 

To configure the firewall policy change summary feature in the CLI:

 

# config system settings

set gui-enforce-change-summary {disable | require | optional}

end

 

Disable: No prompt to add a summary is given.

Required: Users are required to add a summary.

Optional: Users will be prompted to add a summary, but it will not be mandatory.

 

Note: The default option for the policy summary feature is 'required'. However, the option will not be applied until the feature is enabled as in the instructions above.

 

In a multiple VDOM environment, the policy summary option can be enabled on a per-VDOM basis:

 

Under Global -> System -> VDOM, select the VDOM and enable the feature with the preferred option.

 

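The per-VDOM setting described above can be checked offline against a configuration backup. The following is an added example, not part of the original article and not Fortinet code: it assumes the multi-VDOM backup layout shown in the constructed sample, treats a missing 'set' line as the default 'require' (backups omit default values), and uses hypothetical function names.

```python
import re

SETTING = "gui-enforce-change-summary"  # key name from the article's CLI section
DEFAULT = "require"  # article: default is 'required'; backups omit default values
# Constructed sample of a multi-VDOM backup (assumed layout, not from a real device).
SAMPLE_BACKUP = """\
config vdom
edit root
config system settings
    set gui-enforce-change-summary optional
end
config firewall policy
    edit 1
    next
end
end
config vdom
edit dmz
config system settings
    set gui-enforce-change-summary disable
end
end
config vdom
edit guest
end
"""

def change_summary_by_vdom(backup_text):
    """Map each VDOM name to its gui-enforce-change-summary value."""
    result, vdom, stack = {}, None, []
    for raw in backup_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])  # track nested config blocks
        elif line == "end" and stack:
            stack.pop()
        elif line.startswith("edit ") and stack == ["vdom"]:
            vdom = line.split(None, 1)[1].strip('"')
            result.setdefault(vdom, DEFAULT)  # absent 'set' line means default
        elif vdom and stack == ["vdom", "system settings"]:
            m = re.match(r"set %s (\S+)" % re.escape(SETTING), line)
            if m:
                result[vdom] = m.group(1)
    return result

def vdoms_not_enforcing(backup_text):
    """Return the sorted VDOM names where a summary is not mandatory."""
    found = change_summary_by_vdom(backup_text).items()
    return sorted(name for name, value in found if value != "require")
```

A result of 'require' only reflects the stored setting; as the note above states, it is not applied until Workflow Management is enabled.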

 

The Audit trail feature can be used to review the policy change summaries, along with the date and time of each change and a log of which administrator committed the change.

 

To review the audit trail in the GUI:

-  Go to Policy & Objects -> Firewall Policy.

-  Select the desired policy.

 


 

- Select Audit Trail to open the summary list for that policy.

 


 

- From the list of entries, select the desired item.

 

Notes:

  • The 'Policy change summary' option is not available in FortiGate 7.0 and below.
  • Audit trails require disk logging. 'get system status' output shows 'Log hard disk .

 

Related Troubleshooting commands

 

To collect debug logs from the httpsd daemon:

 

# diagnose debug reset

# diagnose debug application httpsd -1

# diagnose debug console time enable

# diagnose debug enable

 

To disable the debugging:

 

# diagnose debug disable

# diagnose debug reset

 

FortiGate Debugger Chrome Extension

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-Debugger-Chrome-Extension/ta-p/2...

 

Related articles:

Log hard disk: 'Not available' message when hard disk is present in the unit

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Log-hard-disk-Not-available-message-when-h...