Fortinet 552 FortiWeb 5.0 Patch 6 Administration Guide
3. Click Apply.
4. Enable the log types that you want your log destinations to receive. See “Enabling log types,
packet payload retention, & resource shortage alerts” on page 546.
See also
Configuring log destinations
Viewing log messages
Downloading log messages
Enabling log types, packet payload retention, & resource shortage alerts
Alert email
Configuring Syslog settings
Configuring FortiAnalyzer policies
Obscuring sensitive data in the logs
You can configure the FortiWeb appliance to hide certain predefined data types, including user
names and passwords, that could appear in the packet payloads accompanying a log message.
You can also define and include your own sensitive data types, such as ages (relevant if you are
required to comply with COPPA) or other identifying numbers, using regular expressions.
FortiAnalyzer Enable to store log messages remotely on a FortiAnalyzer appliance.
FortiAnalyzer entries are controlled by FortiAnalyzer policies and trigger
actions associated with various types of violations. If this option is
enabled, but a trigger action has not been selected for a specific type of
violation, every occurrence of that violation will be recorded to the
FortiAnalyzer specified in FortiAnalyzer Policy.
Note: Before enabling this option, verify that log frequency is not too
great. If logs are very frequent, enabling this option could decrease
performance and cause the FortiWeb appliance to send many log
messages to FortiAnalyzer.
Note: Logs stored remotely cannot be viewed from the FortiWeb web UI.
FortiAnalyzer
Policy
Select the settings to use when storing log messages
remotely. FortiAnalyzer settings include the address and
other connection settings for the remote FortiAnalyzer.
For more information see “Configuring FortiAnalyzer
policies” on page 555.
Log Level Select the severity level that a log message must equal or
exceed in order to be recorded to this storage location.
For information about severity levels, see “Log severity
levels” on page 544.
Setting name Description
Sensitive data definitions are not retroactive. They will hide strings in subsequent log
messages, but will not affect existing ones.