syslog and reporting

sims · ‎07-16-2019

Hi,

600 series firewall , In web I can't find the syslog configuration .

How can i do that .And if we have multiple VDOM , Do I need to do all vdom ? .

And In web I cannot find the various reporting , How can I create a separate customized report

Thanks

hubertzw · ‎07-16-2019

1) enable logging, then in the policy where you attached security profile (web filtering) enable logging: all sessions or security only

2) logging in multivdom has common settings but you can set specific syslog/faz if you need

3) there are some stats in FortiView but not as you can see on FortiAnalyzer

aldolopez · ‎07-16-2019

you have configure from CLI. So, it's possible that configure override per VDOM. config global config log syslogd setting end Then, configure per VDOM the override syslog server.

Best Regards,

Aldo López

sims · ‎07-16-2019

Hi,

You mean to say that it is not possible to configure on web ,

The below commands are enough

config log syslogd setting set status enable set source-ip 192.168.4.5 end or

config log syslogd setting
set facility user
set port 514
set server [IP address of syslog server]
set status enable
set reliable disable
end
Do I need to set reliable disable ? 


second thing 
Once I set , how can I remove it later If no need ?

If I do it in global , how fortigate find the routes to the server

sims · ‎07-16-2019

Hi,

And I Cant find reports

Thanks

aldolopez · ‎07-17-2019

Hello, You must configure from CLI. If require reach VDOM Root, then must have connectivity to syslog. Remember, just apply override if required The reports it's active if disk available log (get sys status | grep Log)

Best Regards,

Aldo López

syslog and reporting

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website