Logging and reporting
You can configure the FortiGate unit to log network activity from routine configuration changes and traffic sessions to emergency events. You can also configure the FortiGate unit to send alert email messages to inform system administrators about events such as network attacks, virus incidents, and firewall and VPN events.
This chapter describes:
•Recording logs
•Filtering log messages
•Configuring traffic logging
•Viewing logs saved to memory
•Viewing and managing logs saved to the hard disk
•Configuring alert email
Recording logs
You can configure logging to record logs to one or more of:
•a computer running a syslog server,
•a computer running a WebTrends firewall reporting server,
•the FortiGate hard disk (if your FortiGate unit contains a hard disk),
•the console.
For information about filtering the log types and activities that the FortiGate unit records, see “Filtering log messages” on page 313. For information about traffic logs, see “Configuring traffic logging” on page 314.
This section describes:
•Recording logs on a remote computer
•Recording logs on a NetIQ WebTrends server
•Recording logs on the FortiGate hard disk
•Recording logs in system memory
•Log message levels
309 |