
Configuring traffic logging | Logging and reporting |
|
|
Configuring traffic logging
You can configure the FortiGate unit to record traffic log messages for connections to:
•Any interface
•Any VLAN subinterface
•Any firewall policy
The FortiGate unit can filter traffic logs for any source and destination address and service. You can also enable the following global settings:
•resolve IP addresses to host names,
•record session or packet information,
•display the port number or service.
The traffic filter list shows the name, source address and destination address, and the protocol type of the traffic to be filtered.
This section describes:
•Enabling traffic logging
•Configuring traffic filter settings
•Adding traffic filter entries
Enabling traffic logging
You can enable logging on any interface, VLAN subinterface, and firewall policy.
Enabling traffic logging for an interface
If you enable traffic logging for an interface, all connections to and through the interface and recorded in the traffic log.
1Go to System > Network > Interface.
2Select Edit in the Modify column beside the interface for which you want to enable logging.
3For Log, select Enable.
4Select OK.
5Repeat this procedure for each interface for which you want to enable logging.
Enabling traffic logging for a VLAN subinterface
If you enable traffic logging for a VLAN subinterface, all connections to and through the VLAN subinterface and recorded in the traffic log.
1Go to System > Network > Interface.
2Select Edit in the Modify column beside the VLAN subinterface for which you want to enable logging.
3For Log, select Enable.
4Select OK.
286 | Fortinet Inc. |