Technical Tip: Forward traffic logs are not displayed memory logs

gessakkiappan · ‎04-27-2020

Description
This article describes when forward traffic logs are not displayed when logging is enabled in the policy.

Solution
Firewall memory logging severity is set to warning to reduce the amount of logs written to memory by default.

Because of that, the traffic logs will not be displayed in the 'Forward logs'.

The severity needs to set to 'Information' to view traffic logs form memory.

To view the current settings .

# config log memory filter

(filter) # show full-configuration
# config log memory filter
    set severity warning                        <-----
    set forward-traffic enable
    set local-traffic disable
    set multicast-traffic enable
    set sniffer-traffic enable
    set anomaly enable
    set voip enable
    set dns enable
    set ssh enable
    set ssl enable
    set cifs enable
    set filter ''
    set filter-type include
end

Modify the severity to information.

#config log memory filter
set severity information
end

Once modified, Traffic logs should be displayed in the 'Forward Traffic' under memory logs.

Starting from FortiOS 6.4.0, the default severity is set to 'information'.

So Traffic logs are displayed by default from FortiOS 6.4.0.

Related Articles

Technical Tip: Displaying logs via CLI

Technical Tip: No memory logs seen in FortiGate