Log&Report
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 709
http://docs.fortinet.com/
FortiGate units provide extensive logging capabilities for traffic, system and network
protection functions. They also allow you to compile reports from the detailed log
information gathered. Reports provide historical and current analysis of network activity to
help identify security issues, which in turn helps reduce and prevent network misuse and abuse.
This section provides an introduction to FortiGate logging and reporting. For more
information, see Logging and Reporting in FortiOS 4.0.
For better log storage and retrieval, the FortiGate unit can send log messages to a
FortiAnalyzer unit. FortiAnalyzer units provide integrated log collection, analysis tools and
data storage. Detailed log reports provide historical as well as current analysis of network
activity. Detailed log reports also help identify security issues, reducing network misuse
and abuse. The FortiGate unit can send all log message types, including quarantine files
and DLP archives, to a FortiAnalyzer unit for storage. The FortiAnalyzer unit can upload
log files to an FTP server for archival purposes. For more information about configuring
the FortiGate unit to send log messages to a FortiAnalyzer unit, see “Remote logging to a
FortiAnalyzer unit” on page 710.
If you have a subscription for the FortiGuard Analysis and Management Service, your
FortiGate unit can send logs to a FortiGuard Analysis server. This service provides
another way to store and view logs, as well as archiving email messages. For more
information, see the FortiGuard Analysis and Management Service Administration Guide.
For details and descriptions of log messages and formats, see the FortiGate Log Message
Reference.
This section provides information about how to enable logging, view log messages, and
configure reports. If you have VDOMs enabled, see “Using virtual domains” on page 159
for more information.
The following topics are included in this section:
• Configuring how a FortiGate unit stores logs
• Configuring Alert Email
• Configuring Event logging
• Accessing and viewing log messages
• Viewing DLP Archives
• Viewing the File Quarantine list
• Configuring FortiAnalyzer report schedules
• Viewing Executive Summary reports from SQL logs
• Viewing FortiAnalyzer reports
• Viewing basic traffic reports
• Log severity levels
• Log types
• Example configuration: logging all FortiGate traffic