rmetzger
Staff
Article Id 196735
Description
This article describes how to view log entries from the FortiGate CLI.

Scope
The example and procedure that follow are given for FortiOS 4.0MR1.

Solution
It is assumed that Memory and/or Disk/FAZ/FDS logging is enabled on the FortiGate and that the other relevant log options are enabled (at Protection Profile level, for example).
 
1. Set up filter(s) for the logs to be displayed
 
FGT# execute log filter device 1
Available devices:
 0: disk
 1: memory
 2: faz
 4: fds
FGT# execute log filter category 3
Available categories:
10: application control
 9: dlp
 6: content
 5: spam
 4: ids
 3: webfilter
 2: virus
 1: event
 0: traffic
To define the number of lines to display:
FGT# execute log  filter view-lines 100
Other filter options available:
FGT # execute log filter ?
category         set category
device           which device to get log from
field            Set filter by field
ha-member
reset            reset filter
rolled-number    set roll log number, press enter for
                 options
start-line       set start line to display
view-lines       set lines per view
 
 
2. Check all filter settings
 
FGT# execute log  filter dump
category: webfilter
device: memory
roll: 0
start-line: 1
view-lines: 100
 

3. View the logs corresponding to the filter
 
FGT# execute log  display
1 logs found.
1 logs returned.
1: 2009-09-21 08:42:00 log_id=0314012288 type=webfilter subtype=content pri=warning fwver=040000 vd="root" policyid=1 serial=1437 user="N/A" group="N/A" src=10.160.1.10 sport=2061 src_int="port2" dst=x.y.z.t dport=80 dst_int="port1" service=http hostname="www.fortinet.com" profile="web" req_type=referral url="/products/" status=blocked agent="N/A" from="N/A" to="N/A" banword="Network" msg="URL was blocked because it contained banned word(s)."
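
When the output of step 3 is saved from a CLI session for review, each entry can be split into its key=value fields. The following parser is an added example, not Fortinet code: the function names are hypothetical, the log line is the one shown above, and the surrounding session capture is constructed.

```python
import re

# Log line copied from step 3 above; the session text around it is constructed.
SAMPLE = (
    'FGT# execute log  display\n'
    '1 logs found.\n'
    '1 logs returned.\n'
    '1: 2009-09-21 08:42:00 log_id=0314012288 type=webfilter subtype=content '
    'pri=warning fwver=040000 vd="root" policyid=1 serial=1437 user="N/A" '
    'group="N/A" src=10.160.1.10 sport=2061 src_int="port2" dst=x.y.z.t '
    'dport=80 dst_int="port1" service=http hostname="www.fortinet.com" '
    'profile="web" req_type=referral url="/products/" status=blocked '
    'agent="N/A" from="N/A" to="N/A" banword="Network" '
    'msg="URL was blocked because it contained banned word(s)."\n'
)

RETURNED = re.compile(r'^(\d+) logs returned\.')
ENTRY = re.compile(r'^(\d+): (\d{4}-\d{2}-\d{2}) (\d{2}:\d{2}:\d{2}) (.*)$')
# A value is either double-quoted (may contain spaces) or a bare token.
FIELD = re.compile(r'([\w-]+)=(?:"([^"]*)"|(\S*))')

def parse_display(text):
    """Return (entries, returned); returned is the 'N logs returned.' count or None."""
    entries, returned = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = RETURNED.match(line)
        if m:
            returned = int(m.group(1))
            continue
        m = ENTRY.match(line)
        if not m:
            continue  # prompt lines, "N logs found.", blank lines
        rec = {"index": int(m.group(1)), "timestamp": f"{m.group(2)} {m.group(3)}"}
        for f in FIELD.finditer(m.group(4)):
            # Values stay strings so leading zeros (log_id, fwver) are preserved.
            rec[f.group(1)] = f.group(2) if f.group(2) is not None else f.group(3)
        entries.append(rec)
    return entries, returned

def blocked(entries):
    """Entries whose status field is 'blocked'."""
    return [e for e in entries if e.get("status") == "blocked"]

if __name__ == "__main__":
    entries, returned = parse_display(SAMPLE)
    if returned != len(entries):
        print("warning: capture is incomplete")
    for e in blocked(entries):
        print(e["timestamp"], e["src"], e["hostname"] + e["url"], e["msg"])
```

Comparing the parsed entry count with the "logs returned" line catches a capture that was cut short before the display finished.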


Related Articles

Technical Tip : How to delete FortiGate log entries stored in memory or local disk
