FortiLog CLI reference | CLI commands | |
|
|
|
|
|
|
| set log setting syslog remote server <server_ip> | Set the remote syslog severity level |
| port <port_integer> loglevel <severity_level> | 0 = Emergency, 1 = Alert, 2 = Critical, 3 = Error, 4 = Warning, 5 = |
|
| Notification, 6 = Information |
|
| The log levels will be up to but not higher than the value you set. |
|
|
|
| set log setting syslog remote server <server_ip> | Enable or disable CSV format to record log messages to the remote |
| port <port_integer> loglevel <severity_level> csv | syslog server in |
| {enable disable} | message fields are separated by commas. |
|
| |
|
|
|
| set log policy destination <syslog local | Set the destination where log policy information will reside. |
| console> |
|
|
|
|
| set log policy destination <syslog local | Enable or disable the event log recording of management and activity |
| console>event status <enable disable> | events. Management events include changes to the FortiLog and |
|
| administrator login/logout. System activities include activities such as |
|
| IPSec negotiation. |
|
|
|
| set log policy destination <syslog local | Set the management events and system activities to log. |
| console> event <enable disable> configuration |
|
| <configuration ipsec login ipmac system |
|
| routegateway none> |
|
|
|
|
| set log devtype <string> report name <report | Define the report name for a device |
| name> | • devtype<string> is one of FortiGate, FortiMail, FortiManager and |
|
| Syslog |
|
| • <report name> define a name for the report. |
|
|
|
| set log devtype <string> report <report name> | Set the start and ending period the FortiLog unit pulls the data from the |
| period | logs. |
|
|
|
| set log devtype <string> report <report name> | Set the period the FortiLog unit pulls the data from the logs. |
| period {today yesterday} |
|
|
|
|
| set log devtype <string> report <report name> | Set the period the FortiLog unit pulls the data from the logs. |
| period this {yearquartermonthweek} |
|
|
|
|
| set log devtype <string> report <report name> | Set the period the FortiLog unit pulls the data from the logs. |
| period last {yearquartermonthweek} |
|
|
|
|
| set log devtype <string> report <report name> | Set the devices or virtual domains to include in the report. |
| results {vdom dev all} | • all - all available devices |
|
| • dev |
|
| • vdom - display results per virtual domain |
|
|
|
| set log devtype <string> report <report name> | Set the top values for specific log reports, where the top values are |
| top {x y}<integer> | reported. This can be useful when you have many email clients yet you |
|
| only need to report on the top ten. |
| set log devtype <string> report <report name> | Set the resolving of IP addresses and port numbers to meaningful |
| resolve {ip port} | names. You must first add IP aliases to use this option. For details, see |
|
| the report alias command on page 92. |
| set log devtype <string> report <report name> | Select a defined query profile to use in the report. |
| queryset <string> |
|
|
|
|
| set log devtype <string> report <report name> | Select a defined device profile to use in the report. |
| deviceset <string> |
|
|
|
|
| set log devtype <string> report <report name> | Select a defined filter profile to use in the report. |
| filters <string> |
|
|
|
|
| set log devtype <string> queryset | Select the queries to include in a report and store as a profile for later |
| <name><qry_indexes> | use in other reports. |
|
|
|
| set log devtype <string> deviceset | Select the devices to include in a report and store as a profile for later |
| <string><all0,4,5> | use in other reports. |
|
|
|
FortiLog Administration Guide | 101 |
