Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

FortiGate IPv4 DoS Logging - What should I be looking for in the logs?


I enabled a few IPv4 DoS policies on a 600E running 6.4.3 with Logging enabled and an Action of Monitor.

I'd like to look through the syslogs (or other logs?) to find if the default thresholds are working correctly before I set the DoS Policy for Block.

Would I find these messages in the syslog output?  If so, what keyword(s) would I be looking for?  I can't seem to find much info on the logging/monitoring.

Even better, I'd love to see information on my current values (tcp_syn, for example) so as to better set the Thresholds based on our "normal" traffic values.

Can anyone please help?



New Contributor

According to FortiNet Tech Support, I should be looking for the following anomalies: 18432, 18433, 18434.  See 

Top Kudoed Authors