FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akawade
Staff
Staff
Article Id 195218

Description


This article describes what to check when there are no logs under web filter and getting message as 'No Matching entries found.

 

Scope

 

FortiGate.

Solution

 

Go to Logs & Report -> Web filter and get a message 'No Matching entries found'.
 
 
If there are no web filter logs, the below are the checks which needs to be done :
  1. Make sure that the web filter profile has been applied in the LAN to WAN policy and Deep Inspection is applied in policy.
  2. Logging is enabled as All Session.
  3. The Severity of the logging is set as Information depending on where the logging is enabled Memory/Disk

If logging is enabled on Memory :

 
config log memory filter
    set severity information
    end
 
If logging is enabled on Disk:
 
config log disk filter

    set severity information
end

 

Refresh the GUI and check whether the web filter logs are visible.


If not:

  1. Restart the logging process.
  • Check the logging process ID:

diag sys top 5 99

 

The highlighted are the logging process with the process ID.

 

                                                  csharma85_1-1736988011497.png

 

  • To restart the process:

 

diag sys kill 11 16822

diag sys kill 11 16820

 

Here, only 2 processes are seen.


However this process are seen multiple times with different process ID. Note them and kill those process ID’s too. Here, killing the process itself means restarting the processes.

 

Refresh the GUI and check for the Web filter logs. The Test logs can be generated to check the status:

 

diag log test

 

If the issue is still present,  create a ticket in the support portal for further troubleshooting.