Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
seadave
Contributor III

Disable logging for a particular web filter

Hello-

 

I'm running 5.2.3.  We block the category "Advertising" using a proxy enabled Web filter.  Works fairly well and I think also reduces the chances that we get hit with ad-stream drive by malware.  Anyway the problem is that this generates a ton of log traffic and I'd like to stop logging this one category to reduce the clutter sent to my FAZ.

 

I was wondering how I might create a rule with category "Advertising" set to block, but not logged.  I figured it out via the CLI:

 

Backup your config and open it in Notepad++ (a great free text editor!) to use as a reference.

 

Do a Ctrl-F to search for the webfilter name.  Note all of the categories and their sections.  You can obtain the current category list by typing:

 

config webfilter profile

       edit default

              config ftgd-wf

                     config filters

                            edit 1

                                  set category ?

Here they are as of 5.2.3:

0 Unrated

1 Drug Abuse

2 Alternative Beliefs

3 Hacking

4 Illegal or Unethical

5 Discrimination

6 Explicit Violence

7 Abortion

8 Other Adult Materials

9 Advocacy Organizations

11 Gambling

12 Extremist Groups

13 Nudity and Risque

14 Pornography

15 Dating

16 Weapons (sales)

17 Advertising

18 Brokerage and Trading

19 Freeware and Software Downloads

20 Games

23 Web-based Email

24 File Sharing and Storage

25 Streaming Media and Download

26 Malicious Websites

28 Entertainment

29 Arts and Culture

30 Education

31 Finance and Banking

33 Health and Wellness

34 Job Search

35 Medicine

36 News and Media

37 Social Networking

38 Political Organizations

39 Reference

40 Global Religion

41 Search Engines and Portals

42 Shopping and Auction

43 General Organizations

44 Society and Lifestyles

46 Sports

47 Travel

48 Personal Vehicles

49 Business

50 Information and Computer Security

51 Government and Legal Organizations

52 Information Technology

53 Armed Forces

54 Dynamic Content

55 Meaningless Content

56 Web Hosting

57 Marijuana

58 Folklore

59 Proxy Avoidance

61 Phishing

62 Plagiarism

63 Sex Education

64 Alcohol

65 Tobacco

66 Lingerie and Swimsuit

67 Sports Hunting and War Games

68 Web Chat

69 Instant Messaging

70 Newsgroups and Message Boards

71 Digital Postcards

72 Peer-to-peer File Sharing

75 Internet Radio and TV

76 Internet Telephony

77 Child Education

78 Real Estate

79 Restaurant and Dining

80 Personal Websites and Blogs

81 Secure Websites

82 Content Servers

83 Child Abuse

84 Web-based Applications

85 Domain Parking

86 Spam URLs

87 Personal Privacy

Type exit after you find the number of the one you want to modify.  In my case, Advertising is 17.  Now type the following:

                           

config webfilter profile

        edit "filtername you want to change"

               config ftgd-wf

                        config filters

 

Using your config file in Notepad++ locate the filter section under the filtername you are modifying.  In my case, category 17 was located under filter section "36".

 

So to continue:

                                edit 36

 

Type "show" to see the current config.  In my case it was:

 

config filters

      edit 36

            set category 17

            set action block

      next

end

 

Type:

 

set log disable

 

Now that category will still be blocked but will not clutter your logs.

 

I have to say that I wish things like this were simply tick boxes next to the filter in the GUI, but at least you have the option to modify via the CLI.

 

Nice!

2 REPLIES 2
ede_pfau
SuperUser
SuperUser

Now that category will still be logged but will not clutter your logs.
You meant, "will still be blocked..."

Nice hint anyway, thanks.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
seadave

Fixed, thanks!

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors