FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes why the Application Control logs are not displayed in FortiAnalyzer Log View > Security.
Scope
FortiGate.
Solution
The following two configurations must be in place for the FortiGate to forward the Application control logs to the FortiAnalyzer.
The respective firewall policy must be configured with the Application Control profile, in which the log setting must be enabled.
config application list edit "Test_Application_Control_Profile" config entries edit 1 set log enable next end end
Application Control logs have the severity level of 'information', so the FortiAnalyzer log filter setting must be set to send severity 'information' severity level logs to FortiAnalyzer in the FortiGate.
config global config log fortianalyzer filter set severity information end end
Use the following log test command in FortiGate and validate that Application Control logs are now visible in FortiAnalyzer Log View -> Security -> Application Control.
