- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Exclude logs to Syslog
Hi Team,
We are trying to use the free style and exclude the traffic from the logs. Though we configured using the below link we still see the logs in the syslog. May i know if this config is correct at all?
Configuring advanced syslog free-style fi... - Fortinet Community
We need to exclude complete subnet.
config log syslogd filter
config free-style
edit 1
set category traffic
set filter "srcip 10.0.0.0 255.255.255.0"
set filter-type exclude
next
end
end
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi,
maybe try , set filter "srcip 10.0.0.*" or set filter "srcip 10.0.0.0 10.0.0.255"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i also have the same problem, this is not working :(
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I set up
...
edit 3
set category traffic
set filter "srcip 192.168.234.*"
set filter-type exclude
next
tested, and it does work. FOS v7.2.8.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
cool thanks ! however what if i want /30 instead of /24
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you @ede_pfau if i use 192.168.10.* then it will cover complete 192.168.10.0/24.
But what we need need subnets like /22, /26, /27. Not really sure why this is not working with the existing config though :(
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
config free-style
edit 3
set category traffic
set filter "srcip 192.168.234.1-192.168.234.62"
set filter-type exclude
next
end
This will exclude 192.168.234.0/26. That is, include explicit ranges of IPs.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unfortunately, this also did not work :(