Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ssan239
New Contributor III

Exclude logs to Syslog

Hi Team,

We are trying to use the free style and exclude the traffic from the logs. Though we configured using the below link we still see the logs in the syslog. May i know if this config is correct at all?

Configuring advanced syslog free-style fi... - Fortinet Community

 

We need to exclude complete subnet. 

 

config log syslogd filter
config free-style
   edit 1
     set category traffic
     set filter "srcip 10.0.0.0 255.255.255.0"
     set filter-type exclude
   next
end
end

7 REPLIES 7
funkylicious
SuperUser
SuperUser

hi,

maybe try , set filter "srcip 10.0.0.*" or set filter "srcip 10.0.0.0 10.0.0.255"

"jack of all trades, master of none"
"jack of all trades, master of none"
lemm

i also have the same problem, this is not working :(

ede_pfau
SuperUser
SuperUser

I set up


...

edit 3
   set category traffic
   set filter "srcip 192.168.234.*"
   set filter-type exclude
next


tested, and it does work. FOS v7.2.8.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
lemm
New Contributor

cool thanks ! however what if i want /30 instead of /24 

ssan239
New Contributor III

Thank you @ede_pfau  if i use 192.168.10.* then it will cover complete 192.168.10.0/24.

But what we need need subnets like /22, /26, /27. Not really sure why this is not working with the existing config though :(

ede_pfau

config free-style
edit 3
set category traffic
   set filter "srcip 192.168.234.1-192.168.234.62"
   set filter-type exclude
   next
end

 

This will exclude 192.168.234.0/26. That is, include explicit ranges of IPs.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
lemm
New Contributor

Unfortunately, this also did not work :(

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors