Hi all,
I'm new to FortiGate UTM appliances, so forgive my ignorance  I have a FortiGate 30E deployed in a production environment and I have it setup to forward logs to FortiCloud. There's a few things I'm unclear about. In my old SonicWall units, I could send logs to an e-mail address. Those logs used to look like this:
 I have a FortiGate 30E deployed in a production environment and I have it setup to forward logs to FortiCloud. There's a few things I'm unclear about. In my old SonicWall units, I could send logs to an e-mail address. Those logs used to look like this:
17 07/28/2016 13:36:23.064NoticeNetwork AccessUDP packet dropped66.186.74.173, 10787, X176.9., 60771, X1UDP Port: 60771 18 07/28/2016 13:36:37.112NoticeNetwork AccessICMP packet dropped due to policy45.55.107.153, 3, X176.9., 3, X1ICMP Destination Unreachable, Code: 10 19 07/28/2016 13:36:52.128NoticeNetwork AccessTCP connection dropped60.249.103.226, 4956, X176.9., 1433, X1TCP RPC Services 20 07/28/2016 13:36:55.496DebugNetwork AccessHTTP method detected; examining stream for host header192.168., 49340, X052.9.90.51, 80, X1TCP HTTP 21 07/28/2016 13:37:34.464NoticeNetwork AccessUDP packet dropped219.79.60.75, 40752, X176.9., 23653, X1UDP Port: 23653 22 07/28/2016 13:37:57.224DebugNetwork AccessHTTP method detected; examining stream for host header192.168., 50862, X052.9.90.51, 80, X1TCP HTTP
These logs showed me when traffic was blocked by the WAN->LAN DENY ALL firewall policy. It's a requirement for me to be able to see these block connections. In FortiCloud, unless I'm missing it somewhere, I can't find where I would see this. Even statistically, for example, "Top Block Connections" or whatever. The FortiGate's firewall policy is implicit and was created by default, but I have turned on the only logging option that I can on it (see attached screenshot to this post).
Anyone with any insight ?
bump ? Anyone ?
hi,
traffic is only logged if the logging level is as low as 'Information'.
Second, you can receive logs via email as well, and this sometimes is more detailed than the log entries. Alert email is configured in 'Log Settings' as well.
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.