Hello all, We're using Fortigate 600C and just upgraded FortiOS to
v5.6.6 from v5.4. While using v5.4, action=accept in our traffic logs
was only referring to non-TCP connections and we were looking for
action=close for successfully ended TCP connect...
Hi, Thank you for your detailed reply, it's very enlightening. Is it
somehow possible to disable only LOG_ID_TRAFFIC_STAT (i.e.
logid="0000000020")? Thanks jhouvenaghel wrote:You mentionned : "For the
same policy,[ul]action=accept takes logid="000000...
Hi, For the same policy,[ul]action=accept takes
logid="0000000020"action=close takes logid="0000000013"[/ul]However, on
some other policies, action=accept is taking logid="0000000013" as well.
On the other hand, action=close never takes logid="000000...
Hi Ken, Thank you for your reply. I checked the policy and
logtraffic-start is not enabled. Only the command below is there: set
logtraffic all Plus, our traffic logs never take action=start values and
this supports my finding above. Any other ideas?...
You are leaving our website
You are leaving our site and we cannot be held responsible for the content of external websites
