![](/images/new-backgrounds/1267772/267772505x1.webp)
Logging and reporting | Filtering log messages |
|
|
Log message levels
Table 23 lists and describes FortiGate log message levels.
Table 23: FortiGate log message levels
Levels | Description | Generated by | |
|
|
|
|
0 | - Emergency | The system has become unstable. | Emergency messages not |
|
|
| available. |
|
|
|
|
1 | - Alert | Immediate action is required. | NIDS attack log messages. |
|
|
|
|
2 | - Critical | Functionality is affected. | DHCP |
|
|
|
|
3 | - Error | An error condition exists and | Error messages not available. |
|
| functionality could be affected. |
|
|
|
|
|
4 | - Warning | Functionality could be affected. | Antivirus, Web filter, email filter, and |
|
|
| system event log messages. |
|
|
|
|
5 | - Notice | Information about normal events. | Antivirus, Web filter, and email filter |
|
|
| log messages. |
|
|
|
|
6 | - Information | General information about system | Antivirus, Web filter, email filter log |
|
| operations. | messages, and other event log |
|
|
| messages. |
|
|
|
|
Filtering log messages
You can configure the logs that you want to record and the message categories that you want to record in each log.
To filter log entries
1Go to Log&Report > Log Setting.
2Select Config Policy for the log location that you selected in “Recording logs” on page 251.
3Select the log types that you want the FortiGate unit to record.
Traffic Log | Record all connections to and through the interface. |
| To configure traffic filtering, see “Adding traffic filter entries” on page 256. |
Event Log | Record management and activity events in the event log. |
| Management events include changes to the system configuration as well |
| as administrator and user logins and logouts. Activity events include |
| system activities, such as VPN tunnel establishment and HA failover |
| events. |
Virus Log | Record virus intrusion events, such as when the FortiGate unit detects a |
| virus, blocks a file type, or blocks an oversized file or email. |
Web Filtering Log Record activity events, such as URL and content blocking, and exemption of URLs from blocking.
Attack Log | Record attacks detected by the NIDS and prevented by the NIDS |
| Prevention module. |
Email Filter Log | Record activity events, such as detection of email that contains unwanted |
| content and email from unwanted senders. |
Update | Record log messages when the FortiGate connects to the FDN to |
| download antivirus and attack updates. |
253 |