Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
superlativenickname
New Contributor

No FortiGate log for admin user creation events

Hi there,

Is it normal that FortiOS doesn't log admin user creation events? I figured it was standard practice. I can't find anything regarding admin user events in the log reference. Thank you.

 

While I'm here, I actually have a few more questions about different logged events. For example, is there any reference to explain the difference between Log ID 00003 (Traffic violation - deny) and Log ID 00011 (Failed connection attempts)? To my understanding, these are quite similar. Does log ID 00011 only get logged for TCP syn packets and 00003 for any packet/port/protocol? Thank you!

2 REPLIES 2
cravikumar
Staff
Staff

No, logs will be generated when you create an admin account on the FortiGate. Refer to the link below.

https://docs.fortinet.com/document/fortigate/7.2.5/fortios-log-message-reference/44547/44547-logid-e...

P R Chaitanya
mle2802
Staff
Staff

Hi @superlativenickname,

Did you check under system event as well as change between log location such as memory and FortiGate Cloud?

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors