FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
shahv
Staff
Staff
Article Id 195561
Description
FortiGate will not list all log-type options under “Logs and Report” to keep GUI simple when some features are not activated.
This article explains how to list that log-type options and generate logs, under the “Logs and Report” when it is required.

Solution
Perform a log entry test from the FortiGate CLI using the "diag log test" command.
This will create various test log entries which results in displaying the logs under respective logs types including web-filter and application control.


Here is example output of  # diag log test :
# FortiGate_Firewall # diagnose log test
generating a system event message with level - warning
generating an infected virus message with level - warning
generating a blocked virus message with level - warning
generating a URL block message with level - warning
generating a DLP message with level - warning
generating an IPS log message
generating an anomaly log message
generating an application control IM message with level - information
generating an IPv6 application control IM message with level - information
generating deep application control logs with level - information
generating an antispam message with level - notification
generating an allowed traffic message with level - notice
generating a multicast traffic message with level - notice
generating a ipv6 traffic message with level - notice
generating a wanopt traffic log message with level - notification
generating a HA event message with level - warning
generating a VOIP event message with level - information
generating authentication event messages
generating a Forticlient message with level - information
generating a URL block message with level - warning
generating a DNS message with level - warning
generating an ssh-command pass log with level - notification
generating an ssh-channel block with level – warning
Once this command is executed, refresh the respective browser tab to have the new options listed.
To see the detailed web-filter and application control logs, set the severity to “Information” under log settings and enable the “log-all-url” command under webfilter and extended-log under application control profile.

Command to enable severity level to information:
# Config log disk filter
Set severity information
End
Command to enable lo-all-url:
# Config webfilter profile
Edit <webfilter profile>
set log-all-url enable
end
Command to enable extended-log :
# Config application list
Edit <profile name>
Set extended-log enable
end

Related Articles

How to perform a syslog and log test on a FortiGate with the 'diagnose log test' command

Contributors