Fortinet
FortiLog-800, FortiLog-100, FortiLog-400
manual
Configuring the FortiLog unit
Models:
FortiLog-100
FortiLog-400
FortiLog-800
124 pages
26.49 Kb
Specs
Password
Factory defaults Administrator
Login
Admin
Connecting the FortiLog unit
Config Network
Assigning access to folders
CLI commands
FortiGate 2.8 log settings
Configuring the FortiLog unit
Setting up the FortiLog unit
05-16000-0082-20050115
Fortinet Inc.
Contents
FortiLog-100 FortiLog-400 FortiLog-800
January 15, 2004
Trademarks
Version 1.6 January 15 05-16000-0082-20050115
Regulatory Compliance
Table of Contents
Config Network
Managing the FortiLog unit
Reports
Setting folder and file properties
Introduction
FortiLog-400 FortiLog-100 FortiLog-800
Active Mode
Operational Modes
Passive Mode
Introduction
About this guide
Explains how to install and set up the FortiLog unit
FortiLog documentation
Related documentation
Explains how to configure VPNs using the web-based manager
FortiGate documentation
FortiMail documentation
FortiManager documentation
FortiClient documentation
Fortinet Knowledge Center
Customer service and technical support
Setting up the FortiLog unit
Checking the package contents
Weight
Hardware specifications Dimensions
FortiLog-100 2.5 kg FortiLog-400 11 kg FortiLog-800 14 kg
Environmental specifications
Planning the installation
Power requirements
Air flow
FortiLog unit Management PC
Connecting the FortiLog unit
To connect the FortiLog unit to the network
Factory defaults Administrator
Configuring the FortiLog unit
Using the web-based manager
To connect to the web-based manager
To configure the FortiLog unit using the CLI
Using the command line interface
To configure the FortiLog unit using the web-based manager
Set system interface port1 mode static ip IPaddress netmask
Set the primary DNS server IP address
Using the front panel buttons and LCD
Set system dns primary IPaddress
Configuring the FortiLog unit
Go to Log&Report Log Config
Connecting to the FortiLog Unit
Configuring FortiGate unit running FortiOS
Sending device logs to the FortiLog unit
Configuring FortiGate devices running FortiOS
FortiGate 2.8 log settings
Configuring FortiMail devices
FortiGate 2.5 Log settings
Groups from this tab
Adding a device
To add a device
Unregistered
Defining device port interfaces
Creating Device Groups
To create a device group Go to System Devices Groups
Status
Managing the FortiLog unit
Status
Refresh
Operating Mode
Interval
Alerts
Changing operating modes
To change the operating mode in the CLI
Changing the FortiLog host name
Set system opmode activepassive
Viewing system resources information
To change the firmware using the web-based manager
Changing the firmware
Execute restore image namestr tftpip
Installing firmware from a system reboot
To change the firmware using the CLI
Execute restore image FortiLog400-v120.out
Immediately press any key to interrupt the system startup
To install firmware from a system reboot
Press any key to enter configuration menu
Enter Local Address
Following message appears
Testing a new firmware image
To test a new firmware image before installing it
Enter File Name image.out
Get system status
Installing a backup firmware image
Save as Default firmware/Run image without savingD/R
You can test the new firmware image as required
To install a backup firmware image
Type B
Switching to the default firmware image
Switching to a backup firmware image
To switch to the backup firmware image
Execute reboot
Backing up system settings
To switch back to the default firmware image
To back up system settings Go to System Status Status
To restore system settings Go to System Status Status
Restoring system settings
Restore factory default system settings
Restoring a FortiLog unit
To upload the firmware image to the FortiLog unit
Press any key to begin download
Config
Network
Config RAID
Log to Host
Log settings
Config Policy
Port
CSV format
Config Policy
Log policy
Levels Description Generated by
Options
Admin
Time
Language
Configure Administrator access
Administrator account levels
Administrator options
Changing the Administrator password
Devices Active mode
To add an administrator account Go to System Config Admin
Adding and registering a device
Device list
Editing device information
Server
Alert Email
To edit a device Go to System Devices
Local
Device Active mode
Creating a new device alert
Attack Type
Attack Type Entry and listing Level of wait interval
To add a device alert Go to System Alert Email Device
Alerts
Virus Type
Defining IP aliases
Network Sharing
Window
To set host alias names Go to Reports IP Aliases
IP aliases
Creating and generating a report
To create a report Go to Reports Config
Reports
Select New and enter a name for the report
Set the following
Configuring report parameters
To define report parameters Go to Reports Config
Select Run now
Resolve Service Names Ranked Reports show top
Configuring a report query
To set the report queries Go to Reports Config
Select a report from the list Select Queries
Selecting the devices for the report
To select the devices Go to Reports Config
Creating a query profile
To create a query profile
Select filtering options
To set the filtering on a log report Go to Reports Config
Creating a device profile
To create a device profile
Creating a filter profile
Setting a report schedule
To create a scheduled report Go to Reports Config
To create a report filter profile
Select Schedule Select a day from the following
Creating a report schedule profile
Choosing the report destination and format
To create a report schedule profile
Reports on demand
To generate a report on demand Go to Reports Config
Creating a report destination and format profile
To create a pre-defined output selection
Viewing reports
To view a generated report Go to File Browse Reports
Roll up report
Individual reports
Vulnerability reports
To create a report Go to Reports Config Vulnerability
Creating and generating a report
Selecting report result parameters
Per device Resolve Host Names Resolve Service Names
Selecting plug-ins
Selecting the scan targets for the report
To select the plug-ins Go to Reports Config Vulnerabilities
Creating a plug-in profile
To create a plug-in profile
To add additional devices
Creating a scan target profile
To create a scan target profile
Email list
File
Browse/Reports hard disk
As an email attachment
Viewing the vulnerability report
Select the report name from the list of completed reports
Using Logs
Log view interface
Viewing logs
Select the column header to change the sort order between
Finding log information
To view the device log files Go to File Browse Logs
Ascending and descending order
Basic log filter
To import a log file Go to File Browse Logs
Importing log files
Alert level
Match Up and Down arrows
To set log watching Go to File Browse Logs
Log watch Active mode
Log Search
Show Up and Down arrows
Event correlation Active mode
Sort list
Event correlation Active mode
Using the FortiLog unit as a NAS
Connecting to the FortiLog file system
Selecting a file sharing protocol
Providing access to the FortiLog hard disk
Select Enable for a file sharing protocol
Adding and modifying user accounts
To add a user group Go to Network Sharing Groups
Assigning access to folders
Adding and modifying group accounts
Select Create New
Windows sharing configuration
Modifying the user or group folder access
NFS share configuration
To set file and folder permissions Go to File Browse Files
Setting folder and file properties
Owner
FortiLog CLI reference
CLI documentation conventions
FortiLog-800 login
Connecting to the CLI
Connecting to the FortiLog-800 console
To connect to the FortiLog-800 console
To use the CLI to configure SSH or Telnet access
Setting administrative access for SSH or Telnet
Welcome
To connect to the CLI using SSH
Connecting to the FortiLog CLI using SSH
Connecting to the FortiLog CLI using Telnet
To connect to the CLI using Telnet
FortiLog CLI commands include
CLI commands
Execute branch
Get command architecture
Use get to display settings, logs, or system information
Get branch
Get report resolve
Get log logsetting
Get system admin
Get report aliases
Set alertemail command architecture
Use set to configure settings, logs, or system information
Use set alertemail to configure alert mails
Set branch
Below
String is the password
Namestr is the user name
Set alertmail local time 0.5 1.0 3.0 6.0
Set alertmail device enable add leveltime
CLI commands
Settings originate from a single source IP
Use set console to set console configuration
Set console
Set log command architecture
Use set log to configure log settings
Set log
YY-MM-DD
Set NAS
Set system
Set report command architecture
Set report
Trusthoststr is trusted host IP address
0.0
Netmaskstr is the netmask
Unset branch
Web Activity
Appendix a Log Report Types
Network Activity
FTP Activity
Terminal Activity
Mail Activity
Mail activity reports record Email traffic and connections
Antivirus Activity
Intrusion Activity
Web Filter Activity
Mail Filter Activity
Content Activity
VPN Activity
Index