FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Vbharath_FTNT
Article Id 192252
Description
This article explains how to configure a FortiGate unit to hide usernames in traffic logs and UTM logs, the username will be displayed as 'anonymous'.

It is assumed that logging is enabled in firewall policy and UTM profiles, and that identity based policies are configured on the FortiGate unit.

Solution
To configure this setting, CLI access is required. Connect to the FortiGate unit CLI and execute following commands:

# config log setting
# set user-anonymize enable
# end

Verification, a log entry should now appear as:

date=2014-11-26 time=14:45:16 logid=0317013312 type=utm subtype=webfilter eventtype=ftgd_allow level=notice vd="root" policyid=2 identidx=1 sessionid=31232959 user="anonymous" group="ldap_users" srcip=192.168.1.24 srcport=63355 srcintf="port2" dstip=66.171.121.44 dstport=80 dstintf="port1" service="http" hostname="www.fortinet.com" profiletype="Webfilter_Profile" profile="default" status="passthrough" reqtype="direct" url="/" sentbyte=304 rcvdbyte=60135 msg="URL belongs to an allowed category in policy" method=domain class=0 cat=140 catdesc="custom1"

vbharat_FD36317_tn_FD36317.jpg

It should be noted that after configuring this setting, log messages on an associated FortiAnalyzer will also display the username as 'anonymous' since the log message is generated on the FortiGate unit.

Contributors