Description |
This article describes how to run IPS engine debug in 6.4 and later firmware’s. |
Scope |
FortiGate v6.4. FortiGate v7.0. |
Solution |
The old '# diag debug application ipsmonitor -1' command is now obsolete and does not show very useful data.
Do not use it unless specifically requested.
Here is how to debug IPSengine in 6.4 or later:
# diag ips debug enable ?
Select the appropriate categories to filter the outputs, or select 'All' example:
# diagnose ips debug enable ssl # diagnose ips debug enable dissector
To set the source filter on IPS for diagnosing 1 particular source ip so that the logs generated are less, run below commands:
# diag ips filter set 'src 192.168.2.1'
Verify the source as it is important step to verify it so it shows logs are filtered as per below command:
# diag ips filter status |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.