Hello,
On a Fortigate system memory log storage (like 50E and 60E), how the logs storage is measured?
For example, on 6pm today can I view the logs from 4pm of yesterday? If not, what is the reasoning for consulting the logs on this type of firewalls?
Thank you
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi, It depends how much log you generate and how much "space=memory" you reserve for them. If the "space" running out, oldest logs are purged. Best
________________________________________________________
--- NSE 4 ---
________________________________________________________
Logging to memory quickly runs out, even if you are not logging that much info - it's really meant to help with troubleshooting something in near-real time. If your company has needs to keep track/records of certain traffic, it should invest in a logging device (i.e. FortiAnalyzer, cloud, syslog, etc.).
That said, the 60E does have a 128 GB SSD (according to specs) (The 50E model does not, but the 51E models does). You could try enabling logging to disk, but on those smaller fgt models it's really not advisable.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
________________________________________________________
--- NSE 4 ---
________________________________________________________
Thank you guys this was helpful
I'm going for the 61E
BR
Yes that's correct, plus 128GB is not all for logging either. No FGT uses the complete disk for logging.
PCNSE
NSE
StrongSwan
The memory used for syslog is limited on the local device. I'd strongly recommend you to use an external node as a logging server. I had to get the logs of 4 hours of operation and it was something like 30 MB of syslog.
This being said, if you just log stuff on an external linux server with some 4 TB of storage, you will be able to track all your devices from one point and not overwhelm their internal memory.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.