Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
myrdin
New Contributor

Created on ‎07-28-2015 10:27 PM

Fortigates local disk retention and thresholds

Hi,

 

silly question probably: at some point the local disk on the fortigates will get full (both logs and reports). Where can i find the policy for retention? Does the fortigate have a mechanism that if a threshold is breached it will start deleting old logs and reports?

 

thanks

 

8763
0 Kudos
2 Solutions
Sylvia
Contributor II

Created on ‎07-29-2015 12:55 AM

Hm, I am not aware of a dedicated retention setting/policy.

 

There's just:

config log disk setting   set diskfull {nolog | overwrite}

  set full-first-warning threshold   set full-second-warning threshold   set full-final-warning threshold

end

(refer to http://docs.fortinet.com/d/fortigate-fortios-5.2-cli-reference)

 

Sylvia

View solution in original post

3463
0 Kudos
FatalHalt
Contributor II

Created on ‎07-29-2015 07:34 AM

Hey Myrdin,

 

You can use the settings below to set your thresholds. If you're using a server to roll the logs to, there are some more options that can be used as well. 

 

config log disk setting
    diskfull (nolog/overwrite) - have the FTG stop logging, or overwrite oldest logs when the disk is full.
    maximum-log-age (#) - Only keeps logs up until they are # of days old.
    log-quota (#) - Maximum size (in MB) of the disk the FTG can use for logging.
end

View solution in original post

3463
0 Kudos
4 REPLIES 4
Sylvia
Contributor II

Created on ‎07-29-2015 12:55 AM

Hm, I am not aware of a dedicated retention setting/policy.

 

There's just:

config log disk setting   set diskfull {nolog | overwrite}

  set full-first-warning threshold   set full-second-warning threshold   set full-final-warning threshold

end

(refer to http://docs.fortinet.com/d/fortigate-fortios-5.2-cli-reference)

 

Sylvia

3464
0 Kudos
FatalHalt
Contributor II

Created on ‎07-29-2015 07:34 AM

Hey Myrdin,

 

You can use the settings below to set your thresholds. If you're using a server to roll the logs to, there are some more options that can be used as well. 

 

config log disk setting
    diskfull (nolog/overwrite) - have the FTG stop logging, or overwrite oldest logs when the disk is full.
    maximum-log-age (#) - Only keeps logs up until they are # of days old.
    log-quota (#) - Maximum size (in MB) of the disk the FTG can use for logging.
end

3464
0 Kudos
myrdin
New Contributor

Created on ‎07-29-2015 03:37 PM

legends both of you. 

 

I cannot see the statement to overwrite with i set, so i suppose that is the default settings and it wont appear.

 

thanks

3400
0 Kudos
Sylvia
Contributor II
In response to myrdin

Created on ‎07-29-2015 10:28 PM

try show full after config log disk setting.

Then you see ALL settings - including the default ones.

3400
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.