pareenat
Staff
Article Id 195572

Description

This article provides an example of WAD debugging for a complete HTTP flow for the Explicit Proxy Service on both FortiProxy and FortiGate.

 

Scope

FortiGate.


Solution

Under the Explicit Proxy Service, FortiProxy/FortiGate acts as an intermediary for requests from clients seeking resources from other servers.

If the webcache option is enabled, FortiProxy/FortiGate also checks its cache before sending the request to the server.

The complete flow would be:

[Figure: Explicit_Proxy1.png]

Use the following debugging commands to display the HTTP flow for the Explicit Proxy Service:

diagnose debug disable
diagnose debug reset
diagnose wad debug enable category http
diagnose wad debug enable level info
diagnose debug enable

To stop the debug, run the commands:

diagnose debug disable
diagnose debug reset

 

Step 1: FortiProxy/FortiGate receives an HTTP request from the client:

[0x7ff98710b050] Received request from client: 192.168.244.4:2052
GET http://www.example.com/ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.example.com

 

Step 2: FortiProxy/FortiGate sends a DNS request for www.example.com:

[0x7ff98710b050] DNS request name=www.example.com len=10 type/pref=0/0

 

Step 3: FortiProxy/FortiGate sends an HTTP request to the www.example.com server:

[0x7ff98710b050] Connect to server: 184.29.23.193:80
[0x7ff98710b050] Forward request to server:
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.example.com
DNT: 1
Connection: Keep-Alive

 

Step 4: FortiProxy/FortiGate receives an HTTP response from the server:

[0x7ff98710b050] Received response from server:
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 07 Mar 2019 16:52:00 GMT
ETag: "e0e1-58383ecc76c00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Akamai-Transformed: 9 - 0 pmb=mTOE,2
Date: Thu, 28 Mar 2019 02:06:48 GMT
Content-Length: 10427
Connection: keep-alive

 

Step 5: FortiProxy/FortiGate forwards the HTTP response to the client:

[0x7ff98710b050] Forward response from server:
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 07 Mar 2019 16:52:00 GMT
ETag: "e0e1-58383ecc76c00"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Akamai-Transformed: 9 - 0 pmb=mTOE,2
Date: Thu, 28 Mar 2019 02:06:48 GMT
Content-Length: 10427

 

Note: The WAD debugging index number [0x7ff98710b050] identifies the session. Every WAD debug line that belongs to this Explicit Proxy flow carries the same index, so it can be used to correlate the lines of one flow.
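As an added example (not code from the Fortinet article or from FortiOS), the Python script below reads WAD debug output of the shape shown in Steps 1 to 5, groups the lines by the session index in the same way the Note above describes, and checks that the proxied flow is consistent: the request forwarded in Step 3 must be the origin-form of the client's absolute-URI request from Step 1 with a matching Host header and DNS name, and the response relayed in Step 5 must keep the status line and Content-Length received in Step 4. The event prefixes, the function names and the abridged sample output are assumptions built from this article's output.

```python
"""Reconstruct the explicit-proxy HTTP flow from WAD debug output.
Added example, not code from the Fortinet article or from FortiOS; the line
shapes it assumes ("[0x...] <event>: <detail>" followed by the HTTP message
lines) are taken from the article's sample output."""
import re
from collections import defaultdict

INDEX_RE = re.compile(r"^\[(?P<idx>0x[0-9a-fA-F]+)\]\s+(?P<rest>.*)$")
EVENT_KINDS = {  # WAD event text prefix -> stage name used below (assumed)
    "Received request from client": "client_request",
    "DNS request": "dns",
    "Connect to server": "connect",
    "Forward request to server": "server_request",
    "Received response from server": "server_response",
    "Forward response from server": "client_response",
}

def parse_wad_debug(text):
    """Group events by WAD session index: {index: [event dicts in order]}.
    An indexed line opens an event; the unindexed lines after it are that
    event's HTTP request/status line and headers."""
    flows, current = defaultdict(list), None
    for line in (raw.rstrip() for raw in text.splitlines()):
        m = INDEX_RE.match(line)
        if m:
            rest, kind, detail = m.group("rest"), "other", m.group("rest")
            for prefix, name in EVENT_KINDS.items():
                if rest.startswith(prefix):
                    kind, detail = name, rest[len(prefix):].lstrip(": ").strip()
            current = {"kind": kind, "detail": detail, "message": []}
            flows[m.group("idx")].append(current)
        elif line and current is not None:
            current["message"].append(line)
    return dict(flows)

def parse_http_message(lines):
    """Split a request/status line from its headers (names lower-cased)."""
    headers = {}
    for h in lines[1:]:
        name, _, value = h.partition(":")
        headers[name.strip().lower()] = value.strip()
    return (lines[0] if lines else ""), headers

def origin_form(request_line):
    """Origin-form request line the proxy should forward for an absolute-form
    client request, plus the host from the URI (None if already origin-form)."""
    method, target, version = request_line.split(" ", 2)
    m = re.match(r"^https?://(?P<host>[^/]+)(?P<path>/.*)?$", target)
    if not m:
        return request_line, None
    return f"{method} {m.group('path') or '/'} {version}", m.group("host")

def check_flow(events):
    """Consistency checks for one session; returns a list of problems
    (empty when the forwarded request, DNS name, Host header and relayed
    response all agree with what the client sent and the server returned)."""
    stage = {e["kind"]: e for e in events}
    needed = ["client_request", "server_request", "server_response", "client_response"]
    missing = [k for k in needed if k not in stage]
    if missing:
        return ["missing stages: " + ", ".join(missing)]
    creq, _ = parse_http_message(stage["client_request"]["message"])
    sreq, sreq_hdr = parse_http_message(stage["server_request"]["message"])
    sres, sres_hdr = parse_http_message(stage["server_response"]["message"])
    cres, cres_hdr = parse_http_message(stage["client_response"]["message"])
    expected, host = origin_form(creq)
    problems = []
    if sreq != expected:
        problems.append(f"forwarded request line {sreq!r}, expected {expected!r}")
    if host and sreq_hdr.get("host") != host:
        problems.append(f"Host header {sreq_hdr.get('host')!r} does not match {host!r}")
    dns = re.search(r"name=(\S+)", stage["dns"]["detail"]) if "dns" in stage else None
    if host and dns and dns.group(1) != host:
        problems.append(f"DNS lookup for {dns.group(1)!r}, expected {host!r}")
    if sres != cres:
        problems.append(f"status line changed: {sres!r} -> {cres!r}")
    if sres_hdr.get("content-length") != cres_hdr.get("content-length"):
        problems.append("Content-Length differs between server and client response")
    return problems

# Constructed sample, abridged from the article's debug output.
SAMPLE_OUTPUT = """\
[0x7ff98710b050] Received request from client: 192.168.244.4:2052
GET http://www.example.com/ HTTP/1.1
Host: www.example.com
[0x7ff98710b050] DNS request name=www.example.com len=10 type/pref=0/0
[0x7ff98710b050] Connect to server: 184.29.23.193:80
[0x7ff98710b050] Forward request to server:
GET / HTTP/1.1
Host: www.example.com
[0x7ff98710b050] Received response from server:
HTTP/1.1 200 OK
Content-Length: 10427
[0x7ff98710b050] Forward response from server:
HTTP/1.1 200 OK
Content-Length: 10427
"""

if __name__ == "__main__":
    for idx, events in parse_wad_debug(SAMPLE_OUTPUT).items():
        print(idx, [e["kind"] for e in events], check_flow(events) or "consistent")
```

Feed it a capture of `diagnose wad debug` output and any session whose index appears with a missing stage, a rewritten request line or a changed Content-Length is listed with the reason, which is quicker than reading the raw output when several sessions are interleaved.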

 

The following debug commands filter the WAD flow output. For example:

diagnose wad filter vd root
diagnose wad filter firewall-policy 1

The following error appears if only the policy is specified without a VDOM:

diagnose wad filter firewall-policy 1
Vdom is not set.
Command fail. Return code -160

 

Many filters can be used at the same time to narrow down the generated logs as much as possible:

diagnose debug console timestamp enable
diagnose wad debug enable category ssl
diagnose wad debug enable level verbose
diagnose wad debug display pid enable
diagnose wad filter src x.x.x.x >>>>> x.x.x.x is the source IP
diagnose wad filter dst x.x.x.x >>>>> x.x.x.x is the destination IP

 

To check the WAD debug status:

diagnose wad debug show
Category: ssl
Level: verbose
Save debug on crash: disabled
Display: pid enabled

To check the WAD debug filters:

diagnose wad filter list
drop unknown sessions: disabled
source ip: 1.1.1.1-1.1.1.1
dest ip: 8.8.8.8-8.8.8.8

 

Enable debugging with:

diagnose debug enable

To stop debugging:

diagnose debug disable
diagnose debug reset
diagnose wad filter clear

 

Note: For troubleshooting explicit proxy on FortiGate chassis models, the same debug commands must be run within the scope of the FPC (by connecting to the individual FPC CLI) that processes the traffic of interest. Load balancing and flow rules can be configured to direct the traffic to a single FPC to simplify debugging.