DescriptionThis article shows how to enable the logging for the specific application (HTTP) using the application control sensor.
SolutionThe basic steps required are:
1. Create an application control sensor.
2. Apply that application control sensor on the firewall policy.
3. Browse any web site using Firefox.
4. Check the application control logs for HTTP.Browser_Firefox traffic.
Configuration CLI
Create an application control sensor.
#config application list
#edit "test"
#set other-application-log enable
#set unknown-application-log disable
#config entries
#edit 1
#set application 15893 34050
#set action pass
#set log enable
#set log-packet enable
#next
#end
#next
#end
In this example the signatures 15893 and 34050 are the signatures for HTTP.BROWSER & HTTP.BROWSER_Firefox.
Apply that application control sensor on the firewall policy.
#config firewall policy
#edit <id>
#set application-list "test"
#set logtraffic utm
#next
#end
Browse any web site using Firefox.
Verification of configuration
Check the application control logs for HTTP.Browser_Firefox traffic.
#exec log filter category utm-app-ctrl
#exec log display
date=2014-10-17 time=07:08:05 logid=1059028704 type=utm subtype=app-ctrl eventtype=app-ctrl-all level=information vd="root" appid=34050 srcip=10.185.1.1 srcport=1510 dstip=66.171.121.34 dstport=80 proto=6 service="HTTP" sessionid=22024 applist="test" appcat="Web.Others" app="HTTP.BROWSER_Firefox" action=pass hostname="www.fortinet.com" url="/sites/default/files/js/js_3_50vK6Nv28vcq9RH3Ip8iE7BpfMvwmtDIKqrFurrrM.js" msg="Web.Others: HTTP.BROWSER_Firefox," apprisk=elevated
