FortiGate
seshuganesh
Staff
Article Id 232345
Description This article describes how to troubleshoot missing implicit deny logs.
Scope FortiGate.
Solution

If implicit deny logs are not appearing in FortiGate and they are needed, check the following settings in order:

 

  1. In the GUI, go to Policy & Objects -> Firewall Policy, right-click the 'Implicit Deny' policy, select 'Edit', and check whether 'Log violation traffic' is enabled.

  2. Alternatively, enable the same option in the CLI:


config log setting
    set fwpolicy-implicit-log enable
end

 

  3. If memory logging is used, set the memory log filter severity to 'information' so that traffic logs are not filtered out (a filter set to a higher severity discards traffic logs before they are stored):


config log memory filter
    set severity information
end

 

  4. If disk logging is used, do the same for the disk log filter:


config log disk filter
    set severity information
end

 

  5. Enable logging on the implicit deny policy (policy ID 0) in the CLI:


config firewall policy
    edit 0
        set name "Implicit Deny"
        set srcintf "any"
        set dstintf "any"
        set srcaddr "all"
        set dstaddr "all"
        set schedule "always"
        set service "ALL"
        set logtraffic all
    next
end

 

  6. Go to Log & Report -> Forward Traffic; the implicit deny logs are visible there.

Note: Traffic destined for the FortiGate interface itself, such as management traffic, is considered local traffic. If this traffic is blocked by the implicit deny (because no specific policy is configured to allow it), it will be logged under local traffic logs, not forward traffic logs. Local traffic logs capture traffic that originates or terminates on the FortiGate itself, whereas forward traffic logs are for traffic passing through the FortiGate.
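As an added illustration (example code written for this article, not FortiGate code or device output), the script below parses a few constructed FortiGate-style key=value log lines and shows two effects of the settings above: a log filter severity higher than the traffic logs' own level drops them entirely, and an implicit deny record (action=deny, policyid=0) lands in the Forward Traffic or Local Traffic view depending on its subtype. The sample lines, their field values and the use of the view names as dictionary keys are assumptions made for the example.

```python
import re

# FortiOS log severities, most severe first (the same order as syslog).
SEVERITY_ORDER = ["emergency", "alert", "critical", "error",
                  "warning", "notice", "information", "debug"]

# Constructed sample lines in FortiGate key=value log format. They were
# written for this example, not captured from a device; the field names
# (type, subtype, level, action, policyid, srcip, ...) are the standard
# FortiGate traffic-log fields, the values are invented.
SAMPLE_LOGS = [
    # Forward traffic accepted by an explicit policy (not an implicit deny).
    'date=2024-01-10 time=10:00:01 type="traffic" subtype="forward" level="notice" '
    'srcip=10.0.1.5 srcport=51234 srcintf="port2" dstip=203.0.113.10 dstport=443 '
    'dstintf="port1" proto=6 action="accept" policyid=3 service="HTTPS"',
    # Forward traffic hitting the implicit deny: shows under Forward Traffic.
    'date=2024-01-10 time=10:00:02 type="traffic" subtype="forward" level="notice" '
    'srcip=10.0.1.7 srcport=40000 srcintf="port2" dstip=198.51.100.8 dstport=23 '
    'dstintf="port1" proto=6 action="deny" policyid=0 service="TELNET"',
    # Traffic to the FortiGate itself hitting the implicit deny: shows under
    # Local Traffic, not Forward Traffic.
    'date=2024-01-10 time=10:00:03 type="traffic" subtype="local" level="notice" '
    'srcip=192.0.2.44 srcport=52000 srcintf="port1" dstip=203.0.113.1 dstport=22 '
    'proto=6 action="deny" policyid=0 service="SSH"',
    # An event log, which no traffic view should report.
    'date=2024-01-10 time=10:00:04 type="event" subtype="system" level="information" '
    'logdesc="Admin login successful" user="admin" action="login" status="success"',
]

# key=value pairs; values are either a double-quoted string or a bare token.
FIELD_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_log(line):
    """Parse one key=value log line into a dict, stripping surrounding quotes."""
    return {k: v.strip('"') for k, v in FIELD_RE.findall(line)}


def passes_severity_filter(entry, threshold):
    """Model 'config log <memory|disk> filter / set severity <threshold>':
    a record is stored only when its level is at least as severe as the
    threshold, so traffic logs (notice/information) vanish at 'error'."""
    level = entry.get("level")
    if level not in SEVERITY_ORDER:
        return True  # unknown level: do not second-guess the device
    return SEVERITY_ORDER.index(level) <= SEVERITY_ORDER.index(threshold)


def is_implicit_deny(entry):
    """Implicit deny records are traffic logs with action=deny and policyid=0."""
    return (entry.get("type") == "traffic"
            and entry.get("action") == "deny"
            and entry.get("policyid") == "0")


def implicit_deny_by_view(lines, threshold="information"):
    """Return the implicit deny records that survive the severity filter,
    grouped by the Log & Report view in which FortiGate shows them."""
    views = {"Forward Traffic": [], "Local Traffic": []}
    for line in lines:
        entry = parse_log(line)
        if not passes_severity_filter(entry, threshold):
            continue
        if not is_implicit_deny(entry):
            continue
        view = "Local Traffic" if entry.get("subtype") == "local" else "Forward Traffic"
        views[view].append(entry)
    return views


if __name__ == "__main__":
    for threshold in ("information", "error"):
        result = implicit_deny_by_view(SAMPLE_LOGS, threshold)
        print(f"severity filter = {threshold}")
        for view, entries in result.items():
            for e in entries:
                print(f"  {view}: {e['srcip']} -> {e['dstip']}:{e['dstport']} ({e['service']})")
```

Run as a script, the 'information' pass lists one Forward Traffic record (the TELNET attempt) and one Local Traffic record (the SSH attempt to the FortiGate itself), while the 'error' pass lists nothing, which is the symptom this article troubleshoots: the denies happen but are never stored.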

Related article:
Technical Tip: Local traffic logs and policy ID 0