Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
you need to verify 2 things.
1) You need to have application control sensor enabled with logging on the firewall policy allowing outbound traffic. This will log the correct application names config application list edit <sensor name> set extended-utm-log enable set unknown-application-action <pass|block> end
2) check the log Severity
# config log <memory/disk> filter # set severity information # end
Hi
wahtever you do meaning base on logging absolut prerequisit is a full log config with all aspects. This meas acutally following positions are responsible for resolving ip/host/apps:
5.0
# config log setting
# set resolve-apps enable # set resolve-hosts enable # set resolve-ip enable
5.2
# config log setting
# set resolve-ip enable # set resolve-port enable
# config log gui-display # set location [Gebe an forticloud | memory | disk | fortianalyzer | syslogd] # set resolve-hosts [enable | disable] # set resolve-apps [enable | disable]
This means look at following entry here in this forum which shows for 5.0/5.2 a full config of log. Go through this config and you will see there is more as only a option behind logging :) Please keep in mind that the DNS server used to resolve host and Ip are importante this means internal host can only be resolved within logging if a suitable DNS server is used on the FortiGate System DNS config. I think you understand what I mean:
https://forum.fortinet.com/tm.aspx?m=114371
have fun....
Andrea
Hi
It might be torrent peers.
Regards
Bikash
Hi,
Does this happening with all the applications.
Simply try nslookup <ip> and see if you getting any fqdn associated with that.If not then this is correct behaviour.
Regards,
Sushil
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1641 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.