Filter
Top Products
348 01-28007-0068-20041203 Fortinet Inc.
Configuring log filters Log & Report
Attack log
The Attack Log records attacks detected and prevented by the FortiGate unit. You can
apply the following filters:
Spam filter log
The Spam Filter Log records blocking of address patterns and content in IMAP and
POP3 traffic. You can apply the following filters:
Configuring log filters
Configure log filters for each location to which you are saving logs.
To configure log filters
1 Go to Log&Report > Log Config > Log Filter.
2 Enable the logging type for each location to which you want to log messages.
3 Select the specific log sub-types to log for each location.
4 Select Apply.
Enabling traffic logging
To enable traffic logging for an interface or VLAN subinterface
You can enable traffic logging for an interface or VLAN subinterface. All connections
to and through the interface are recorded in the traffic log.
1 Go to System > Network > Interface.
2 Select the Edit icon for an interface.
3 Select Log.
4 Select OK.
5 Repeat steps 1 through 4 for each interface for which you want to enable logging.
6 Make sure you enable traffic logs for a logging location and set the logging severity
level to Notification or lower.
Attack Signature The FortiGate unit logs all detected and prevented attacks based on the
attack signature, and the action taken by the FortiGate unit.
Attack Anomaly The FortiGate unit logs all detected and prevented attacks based on
unknown or suspicious traffic patterns, and the action taken by the
FortiGate unit.
SMTP The FortiGate unit logs all instances of blocked email in SMTP traffic.
POP3 The FortiGate unit logs all instances of blocked email in POP3 traffic.
IMAP The FortiGate unit logs all instances of blocked email in IMAP traffic.
Note: To record traffic log messages you must set the logging severity level to Notification when
configuring the logging location. Traffic log messages do not generally have a severity level
higher than Notification.