Fortinet 3.0 MR7 Rolling and uploading logs, To download log search results Go to Log Search, 105

To download log search results

1Go to Log > Search.

2Perform a search using either basic or advanced search.

If your search finds one or more matching log events, a Download Current View button appears next to the Printable Version button.

3Select Download Current View.

Options appear for the download’s file format and compression.

4Configure the following:

5Select OK.

6If prompted by your web browser, select a location to save the file, or open it without saving.

Rolling and uploading logs

You can control device log file size and consumption of the FortiAnalyzer disk space by configuring log rolling and/or scheduled uploads to a server.

As the FortiAnalyzer unit receives new log items, it performs the following tasks:

•verifies whether the log file has exceeded its file size limit

•if the file size is not exceeded, checks to see if it is time to roll the log file. You configure the time to be either a daily or weekly occurrence, and when the roll occurs

When a log file reaches its maximum size, or reaches the scheduled time, the FortiAnalyzer unit saves the log files with an incremental number, and starts a new log file with the same name. For example, the current attack log is alog.log. Any subsequent saved logs appear as alog.n.log, where n is the number of rolled logs.

If you have enabled log uploading, you can choose to automatically delete the rolled log file after uploading, thereby freeing the amount of disk space used by rolled log files. If the log upload fails, such as when the FTP server is unavailable, the logs are uploaded during the next scheduled upload.

To enable log rolling or uploading, go to Log > Config.