Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fitful
New Contributor

log & report after upgrade to 5.0.3

I have a problem after upgrading to version 5.0.3 does not have the ability to generate reports. Whether this version does not have this option?
16 REPLIES 16
fitful
New Contributor

I have fortigate 60C and I still can' t generate report locally on device
 Version: FortiGate-60C v5.0,build0208,130603 (GA Patch 3)
 BIOS version: 04000027
 Log hard disk: Available
 Internal Switch mode: interface
 
according to your comment, I want to execute command: execute report-config reset I got error command
 FGT_ # execute report-config reset
  
 command parse error before ' report-config' 
 Command fail. Return code -61
 
What is wrong? Thanks for reply
RH2
New Contributor II

It appears there may be a bug in 5.0.3 as none of my 100Ds will generate a report.
GembuL
New Contributor

on FortiOS 5 you should enable extended-utm-log via CLI for each UTM profile to show your UTM logs, otherwise all of UTM logs will recognize as a normal traffic log
Jay_Libove
Contributor

Hi GembuL, You wrote
on FortiOS 5 you should enable extended-utm-log via CLI for each UTM profile to show your UTM logs, otherwise all of UTM logs will recognize as a normal traffic log
I' m confused about what the extended-utm-log setting does. By chance, I was talking to FortiNet tech support yesterday, and I think I understood them to tell me that, if I enable extended-utm-log in a web filter profile, then all URLs browsed will get logged. I want to avoid that both for volume and for employee privacy purposes. But, are you saying, if I don' t enable extended-utm-log, then I cannot get detailed reports on volumes of sites used? thanks for clarifying.
Alivo__FTNT
Staff
Staff

Is there a possibility ignoring this warning?
Yes, as long as you type " end" after: config log disk setting ; set status enable This is basically information that heavy logging can damage local flash - due to its nature - constant I/O on the disk does its job :) but that is common behaviour for this kind of memory. Point is that many FortiGates users/admins decided to log absolutely everything, every single java script and packets and all - in fact 99% of time - useless information. I saw 60C device logging over 3 million logs per day - rather crazy. But in some cases it is understandable. Here I would suggest FortiAnalyzer. Forticloud (200GB) What kind of logs are logged can be seen in cli: get log disk filter get log memory filter get log fortiguard filter get log setting ^^ can be configured (ie. #config log disk filter) when enabling: extended-utm-enable in UTM profile/sensor (AV, Webfilter, IPS...) more logging options will be available: config webfilter profile edit default set extended-utm-log enable next end here are the new logging options: log-all-url Enable/disable log all URLs visited. web-content-log Enable/disable logging for web filter content blocking. web-filter-activex-log Enable/disable logging for web script filtering on ActiveX. web-filter-command-block-log Enable/disable logging for web filtering on command blocking. web-filter-cookie-log Enable/disable logging for web script filtering on cookies. web-filter-applet-log Enable/disable logging for web script filtering on Java applets. web-filter-jscript-log Enable/disable logging for web script filtering on JScripts. web-filter-js-log Enable/disable logging for web script filtering on Java scripts. web-filter-vbs-log Enable/disable logging for web script filtering on VB scripts. web-filter-unknown-log Enable/disable logging for web script filtering on unknown scripts. web-filter-referer-log Enable/disable logging of web filter referer block. web-filter-cookie-removal-log Enable/disable logging of web filter cookie block. web-filter-sdns-action Action to take for blocked domains. web-filter-sdns-portal IP address of the SDNS portal. web-url-log Enable/disable logging for URL filtering. web-invalid-domain-log Enable/disable logging for web filtering of invalid domain name. web-ftgd-err-log enable logging for FortiGuard Web Filter rating errors web-ftgd-quota-usage enable logging for FortiGuard Web Filter quota usage each day Now, do you need to log all that? Not all but some certainly. Ie. In FortiCloud > drilldown > it will show " No Data" for Web Activity as this category in DrilldDowns is based on Webfilter logs. Network Activity is based on traffic logs and UTM activity is based on..UTM logs (Security Profiles) But I got too far here I see :) You can ignore the message received upon enabling logging to disk but you can also reconsider.

livo

Nicolas_KARP

Hi Everyone, I have some spare time in order to test the fortinet device. So far, i' m working on the 60D and I wanted to check the report feature and i' m facing the same issue as you. I can' t generate a report from the GUI even if the logs are saved on the disk ( I know they said it' s a bad idea :) ) Did you manage to find a workaround for this issue ? Thanks. Nicolas.
System and Network Engineer
System and Network Engineer
Mehdi
New Contributor III

I Know this post is old, but this may help other people...

I have a FG 90D with FortiOS 5.4.8 running, and i was facing kind of similar problem.

i tried multiple commands for enabling disk logging, even memory logging, but after that I've had no luck finding the Local Report menu, and finally i found this:

in this version you should enable local Report from:

System>Feature Select> Local Report

 i hope this helps some people.

Labels
Top Kudoed Authors