Logging and reporting

Configuring traffic logging

 

 

This section describes:

Enabling traffic logging

Configuring traffic filter settings

Adding traffic filter entries

Enabling traffic logging

You can enable logging on any interface and firewall policy.

Enabling traffic logging for an interface

If you enable traffic logging for an interface, all connections to and through the interface are recorded in the traffic log.

To enable traffic logging for an interface

1Go to System > Network > Interface.

2Select Edit in the Modify column beside the interface for which you want to enable logging.

3For Log, select Enable.

4Select OK.

5Repeat this procedure for each interface for which you want to enable logging.

Enabling traffic logging for a firewall policy

If you enable traffic logging for a firewall policy, all connections accepted by the firewall policy are recorded in the traffic log.

To enable traffic logging for a firewall policy

1Go to Firewall > Policy.

2Select a policy tab.

3Select Log Traffic.

4Select OK.

Configuring traffic filter settings

You can configure the information recorded in all traffic log messages.

To configure traffic filter settings

1Go to Log&Report > Log Setting > Traffic Filter.

2Select the settings that you want to apply to all traffic log messages.

Resolve IP

Select Resolve IP if you want traffic log messages to list the IP address

 

and domain name stored on the DNS server. If the primary and secondary

 

DNS server addresses provided to you by your ISP have not already been

 

added, go to System > Network > DNS and add the addresses.

Display

Select Port Number if you want traffic log messages to list the port

 

number, for example, 80/tcp. Select Service Name if you want traffic log

 

messages to list the name of the service, for example, TCP.

FortiGate-50A Installation and Configuration Guide

255

Page 255
Image 255
Fortinet 50A user manual Enabling traffic logging for an interface, Enabling traffic logging for a firewall policy, 255