Hi, All
I Have Fortigate v6.0.5 build0268 (GA) (Virtual Appliance). And I have some problem with Forward Traffic log displaing.
I need to display events with particular address in destination field. For it I choose "destination" in filter and type in "somesite.com" (without quotes), but the list still shows all messages. It looks like filter not working. The same thing happens, when i choose "destination server" in filter options.
What i'm doing wrong? What I need to do, to display events with particular address in destination field?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Destination filter takes only IP. If you open the log detail, you wouldn't see "somesite.com" in the log, even you might be seeing in the table under Destination column in parentheses. Either convert the URL to IP then use it for Destination filter or user something else like Application, which shows up in the log detail.
Thanks gro your answer.
But how can I filter log display if I need to show for wildcard destination address? For example, I need events, where in destination field there are present *microsoft.com, or *somesite*? Is it possible?
You can open a ticket at TAC to get a definitive answer. But I'm 90% sure you can't at least with the current GUI software because I believe the filters are simply filtering/matching log content literary with the "keys" you put in.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.