- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDDoS
- FortiDAST
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiGate Cloud
- FortiExtender
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecorder
- FortiRecon
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- FortiWebCloud
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: Local Logs + Reports on FG100F
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Local Logs + Reports on FG100F
Hi,
maybe we missed something and this feature was removed but I would like to see local reports and before I had like 7 versions on the memory (in Log Settings > Local Logs it is activated) and I dont see anything else.
Also on Forticloud we had like 7 days some reports.
Is it possible that there is no option anymore without another licence?
Thanks,
Roland
Solved! Go to Solution.
Labels:
- Labels:
-
FortiGate
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is the FortiOS version you are using?
Logging to memory still is available on the 'small' FGTs, and does not require any license. It is (at least) configurable in CLI:
config log memory setting
set status enable
end
config log memory global-setting
set max-size 10485760
end
Depending on the HW revision of your FGT you may specify a bigger amount of memory dedicated to logging (== RAM disk).
If you do log into memory you probably want to suppress superfluous log entries, like these:
config log memory filter
set multicast-traffic disable
config free-style
edit 1
set category ssl
set filter "logid 1700062302"
set filter-type exclude
next
edit 2
set category event
set filter "logid 0100026001 or logid 0100026003 or logid 0100040704"
set filter-type exclude
next
end
end
This will filter DHCP messages and then some. Log IDs are listed in the Log Reference manual. 62302 is about cert resigning, 2600x about DHCP and 40704 is the performance log entry.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is the FortiOS version you are using?
Logging to memory still is available on the 'small' FGTs, and does not require any license. It is (at least) configurable in CLI:
config log memory setting
set status enable
end
config log memory global-setting
set max-size 10485760
end
Depending on the HW revision of your FGT you may specify a bigger amount of memory dedicated to logging (== RAM disk).
If you do log into memory you probably want to suppress superfluous log entries, like these:
config log memory filter
set multicast-traffic disable
config free-style
edit 1
set category ssl
set filter "logid 1700062302"
set filter-type exclude
next
edit 2
set category event
set filter "logid 0100026001 or logid 0100026003 or logid 0100040704"
set filter-type exclude
next
end
end
This will filter DHCP messages and then some. Log IDs are listed in the Log Reference manual. 62302 is about cert resigning, 2600x about DHCP and 40704 is the performance log entry.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
it is a FG100F with 7.4.3.
It is a critical environment, enabling the logs should not affect in anything, no?
Thanks!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, it will cost you memory. The 100F either has 2 or 4 GB of RAM.
IMHO logging to memory is only a workaround, that is, temporary. If you are serious about that network you will plan for a FAZ soon.
Then again, "critical" and "7.4" in one sentence?
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Local reporting is available only on models with a disk, such as the FortiGate 101F. The free edition of FortiCloud includes a 360-degree report that cannot be modified. For long-term reporting and customization, consider purchasing FortiAnalyzer. Alternatively, you can use open-source syslog servers that support reporting. In this setup, the FortiGate will forward traffic to the syslog server, which will then generate the reports.
Cheers,
Cheers,
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
just to get this right, all models (our FG100F, 60F, 200F) dont have storage for local logs as our 81E, etc. So there is no option in Log&Report > Reports and Local.
But in the 100, 200 FGs I still dont have an option to see the reports on Fortigate Cloud, should they not be saved there to access?
Thanks,
Roland
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On FGT models without internal SSD there is no option for local reports. Logging to memory is fine, log browsing, FortiView, but no reports.
For FAZ-Cloud, which is a SaaS from Fortinet, you need to obtain a license. Then you can enable logging to cloud (conf log fortianalyzer-cloud settings) and specify the credentials. FortiOS will check whether the FGT is entitled to log to cloud.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- Configuring various Syslog Server problem 245 Views
- Local Logs + Reports on FG100F 371 Views
- Issue resolving www.epicagames.com 374 Views
- SSL VPN Failure Permission Denied -455... 1709 Views
- Voip Problems after Upgrade from FG100D... 220 Views
Labels
-
FortiGate
7,155 -
FortiClient
1,412 -
5.2
801 -
5.4
639 -
FortiManager
619 -
FortiAnalyzer
456 -
6.0
416 -
FortiAP
375 -
FortiSwitch
372 -
5.6
362 -
FortiClient EMS
291 -
FortiMail
281 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
175 -
FortiNAC
128 -
6.4
128 -
FortiGuard
115 -
IPsec
107 -
SSL-VPN
103 -
FortiGateCloud
97 -
FortiSIEM
93 -
FortiCloud Products
89 -
FortiToken
76 -
Customer Service
71 -
Wireless Controller
65 -
4.0MR3
64 -
FortiProxy
49 -
SD-WAN
48 -
FortiADC
45 -
FortiEDR
44 -
Fortivoice
44 -
FortiDNS
39 -
FortiExtender
35 -
FortiGate v5.4
35 -
FortiAuthenticator
35 -
FortiSandbox
34 -
Firewall policy
33 -
FortiSwitch v6.4
32 -
VLAN
31 -
High Availability
31 -
DNS
24 -
FortiWAN
24 -
FortiConnect
24 -
ZTNA
23 -
BGP
21 -
FortiConverter
21 -
Certificate
20 -
SAML
19 -
FortiGate v5.2
19 -
FortiPortal
18 -
LDAP
18 -
Interface
18 -
FortiSwitch v6.2
17 -
Routing
17 -
VDOM
17 -
FortiMonitor
15 -
Authentication
15 -
FortiGate v5.0
14 -
FortiLink
14 -
Fortigate Cloud
14 -
FortiDDoS
14 -
Logging
14 -
NAT
13 -
RADIUS
12 -
FortiCASB
12 -
Web profile
11 -
Traffic shaping
10 -
Virtual IP
10 -
SSO
10 -
SSL SSH inspection
10 -
FortiRecorder
10 -
Application control
10 -
SSID
9 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
WAN optimization
9 -
4.0MR2
9 -
IP address management - IPAM
8 -
FortiBridge
8 -
FortiGate v4.0 MR3
8 -
OSPF
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
SNMP
7 -
4.0
7 -
Admin
7 -
Web application firewall profile
7 -
Static route
6 -
Security profile
6 -
Proxy policy
6 -
Traffic shaping policy
6 -
FortiAP profile
6 -
Automation
6 -
IPS signature
5 -
Packet capture
5 -
DNS Filter
5 -
FortiCache
5 -
FortiManager v4.0
5 -
trunk
5 -
FortiDeceptor
4 -
FortiDirector
4 -
Web rating
4 -
Intrusion prevention
4 -
Port policy
4 -
Antivirus profile
4 -
FortiPAM
4 -
FortiCarrier
4 -
FortiTester
4 -
3.6
4 -
DLP sensor
4 -
FortiScan
4 -
Fabric connector
3 -
NAC policy
3 -
Multicast routing
3 -
System settings
3 -
FortiToken Cloud
3 -
Traffic shaping profile
3 -
Fortinet Engage Partner Program
3 -
DLP Dictionary
3 -
DLP profile
3 -
FortiDB
3 -
DoS policy
3 -
Email filter profile
3 -
FortiInsight
2 -
Netflow
2 -
Users
2 -
Protocol option
2 -
FortiAI
2 -
Application signature
2 -
FortiHypervisor
2 -
VoIP profile
2 -
Internet Service Database
2 -
Explicit proxy
2 -
4.0MR1
1 -
Multicast policy
1 -
Zone
1 -
FortiCWP
1 -
Kerberos
1 -
Subscription Renewal Policy
1 -
FortiNDR
1 -
TACACS
1 -
Replacement messages
1 -
Schedule
1 -
SDN connector
1 -
FortiManager-VM
1 -
Authentication rule and scheme
1 -
Service
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1062 | |
| 887 | |
| 527 | |
| 441 | |
| 151 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.