Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Web Filter logs



We're using Forticlient EMS and in our new profile I've setup the Web Filtering. Now I also actived the Log all URLS and Log all user initiated traffic.

But somehow I can't find the log files of that part. I can see logs by going to View and then View logs. But I went to a blocked site on a client and I cant find the traffic/event in those logs. The logs are setup from info to emergency.


Are these logs only client based or am I just looking at the wrong part of EMS? 


Thanks in advance.


Hello Jussie!


Those options are related to the integration between EMS and FortiAnalyzer as a repository for FortiClient traffic. Changes in there will affect traffic on FortiView options for endpoints on FortiAnalyzer (see attached). As for now, EMS cannot store client logs (its not a log repository, as the Analyzer), only its own server events (View Logs option). As for the client, it can only view violations of the WebFilter sensors. It also cannot store traffics logs.


To configure log submission to FortiAnalyzer, go to the Endpoint profile - System Settings - Log Settings.

Top Kudoed Authors