
Configuring traffic logging | Logging and reporting |
|
|
Configuring traffic filter settings
You can configure the information recorded in all traffic log messages.
To configure traffic filter settings
1Go to Log&Report > Log Setting > Traffic Filter.
2Select the settings that you want to apply to all traffic log messages.
Resolve IP | Select Resolve IP if you want traffic log messages to list the IP address |
| and domain name stored on the DNS server. If the primary and secondary |
| DNS server addresses provided to you by your ISP have not already been |
| added, go to System > Network > DNS and add the addresses. |
Display | Select Port Number if you want traffic log messages to list the port |
| number, for example, 80/tcp. Select Service Name if you want traffic log |
| messages to list the name of the service, for example, TCP. |
3Select Apply.
Figure 80: Example traffic filter list
Adding traffic filter entries
Add entries to the traffic filter list to filter the messages that are recorded in the traffic log. If you do not add any entries to the traffic filter list, the FortiGate unit records all traffic log messages. You can add entries to the traffic filter list to limit the traffic logs that are recorded. You can log traffic with a specified source IP address and netmask, to a destination IP address and netmask, and for a specified service. A traffic filter entry can include any combination of source and destination addresses and services.
To add an entry to the traffic filter list
1Go to Log&Report > Log Setting > Traffic Filter.
2Select New.
3Configure the traffic filter for the type of traffic that you want to record on the traffic log.
Name | Type a name to identify the traffic filter entry. |
Source IP Address Source Netmask
The name can contain numbers
Type the source IP address and netmask for which you want the FortiGate unit to log traffic messages. The address can be an individual computer, subnetwork, or network.
316 | Fortinet Inc. |