Running fortios 6.0.4. I´ve enabled DNS-logging in both the disk settings and tried to send DNS-logs to a syslog server. But no DNS-logs appears. Get all other logs that I tried, but the DNS-logs wont appear on the FW or the Syslog-server.
config log disk filterset dns enableend config log syslogd filterset dns enableend Also tried set the Log Level to Information, which was implied by fortinet. But I´m stuck at this point. Any help or things that I can check?
Thanks. Not really what I´m looking for. I wan´t to use this solution:
DNS Logging (401757)
FortiOS logging now includes the Detailed DNS log message type. DNS events were previously recorded as event logs. In FortiOS 5.6 DNS log messages are a new category that also includes more DNS log messages to provide additional detail about DNS activity through the FortiGate. You can enable DNS logging from the CLI using the following command (shown in this example for memory logging):
config log memory filterset dns enableend
DNS log messages include details of each DNS query and response. DNS log messages are recorded for all DNS traffic though the FortiGate and originated by the FortiGate.
The detailed DNS logs can be used for low-impact security investigation. Most network activity involves DNS activity of some kinds. Analyzing DNS logs can provide a lot of details about the activity on your network without using flow or proxy-based resource intensive techniques.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.