Help
FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
okhatab
Staff
Staff

Created on ‎10-16-2024 01:51 AM Edited on ‎03-18-2025 03:28 AM By Staff

Article Id 349712

Technical Tip: How to ensure FortiWeb will show matched pattern in attack logs

Description This article describes why some attack logs do not show the matched pattern in the attack logs and how to resolve the issue.
Scope FortiWeb.
Solution

By default, FortiWeb will retain the first 4 KB of data from the offending HTTP request payload that triggered the log message and will truncate the rest. So, if the matched pattern is within the truncated excess, it will not be visible.

 

Packet Adjustment feature has been introduced in version 7.4 (and newer). When enabled, it will ensure that the matched attack pattern is consistently preserved.

 

To enable the option:

  • From Web UI:


enablepacketadj.png

 

  • From CLI:

 

config log attack-log
    set adjust-packet enable
end

 

For more information on logging on FortiWeb, visit the following document: Logging
Labels:
310
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.