Dear All,
Please note that I am not able to login to fortiweb web interface but I can login to SSH, and can see errors in console:
read only file system error log file could not open error log file /var/log/apache logs/error_log
read only file system error log file could not open error log file /var/log/apache logs/error_log
read only file system error log file could not open error log file /var/log/apache logs/error_log
to solve this issue i have to execute this command: execute formatlogdisk
is there any way to solve this issue, it has appears to me four to five time till now.
Please find below log settings in FortiWeb-VM:
--------------------------------------------------------------------
config log attack-log set packet-log parameter-rule-failed hidden-fields-failed http-protocol-constraints signature-detection custom-protection-rule anti-virus-detection illegal-xml-format ip-intelligence illegal-file-type cookie-security fsa-detection trojan-detection user-tracking-detection account-lockout-detection end config log traffic-log set status enable set packet-log enable end config log disk end config log email-policy edit "Email" set mailfrom fortiweb@umniah.con set mailto1 sshahin@umniah.com set mailto2 a.barakat@umniah.com set smtp-server 192.168.31.151 set severity alert set interval 2 set attach-compression enable next end config log alertmail end config log fortianalyzer-policy edit "Fortianalyzer" config fortianalyzer-server-list edit 1 set ip-address 192.168.142.5 next end next end config log trigger-policy edit "Trigger" set email-policy Email set analyzer-policy Fortianalyzer next end config log event-log set cpu-high 70 set mem-high 70 set trigger-policy Trigger set logdisk-high 70 end config log forti-analyzer set status enable set severity debug set fortianalyzer-policy Fortianalyzer end
-----------------------------------------------------------------
BR,
Hamoud Hamdan
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Hamoud
hamoud.hamdan wrote:
is there any way to solve this issue, it has appears to me four to five time till now.
....
config log traffic-log
set status enable
...
Yes,
disabling traffic log;
It's not a good practice to maintain traffic log permanently.
From admin's guide:
" Logging performance If you have a FortiAnalyzer, store FortiWeb’s logs on the FortiAnalyzer to avoid resource usage associated with writing logs to FortiWeb’s own hard disks. For details, see "Configuring log destinations" on page 695. If you do not need a traffic log, disable it to reduce the use of system resources. For details, see "Enabling log types, packet payload retention, & resource shortage alerts" on page 693. Reduce repetitive log messages. Configure the alert email settings to define the interval that emails are sent if the same condition persists following the initial occurrence. For details, see "Configuring email settings" on page 712. Avoid recording log messages using low severity thresholds, such as information or notification, to the local hard disk for an extended period of time. Excessive logging frequency saps system resources and can cause undue wear on the hard disk and may cause premature failure. For details, see "Configuring log destinations" on page 695" .
regards
/ Abel
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1536 | |
1028 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.