20
01-28008-0013-20050204
Fortinet Inc.
Document conventions
Introduction
Logging and reporting
The FortiGate unit supports logging for various categories of traffic and configuration
changes. You can configure logging to:
• report traffic that connects to the firewall,
• report network services used,
• report traffic that was permitted by firewall policies,
• report traffic that was denied by firewall policies,
• report events such as configuration changes and other management events,
IPSec tunnel negotiation, virus detection, attacks, and web page blocking,
• report attacks detected by the IPS,
• send alert email to system administrators to report virus incidents, intrusions, and
firewall or VPN events or violations.
Logs can be sent to a remote syslog server or a WebTrends NetIQ Security Reporting
Center and Firewall Suite server using the WebTrends enhanced log format. Some
models can also save logs to an optional internal hard drive. If a hard drive is not
installed, you can configure most FortiGate units to log the most recent events and
attacks detected by the IPS to the system memory.
Document conventions
This guide uses the following conventions to describe CLI command syntax.
• Angle brackets
< >
to indicate variables.
For example:
execute restore config <filename_str>
You enter:
execute restore config myfile.bak
<xxx_str>
indicates an ASCII string that does not contain new-lines or carriage
returns.
<xxx_integer>
indicates an integer string that is a decimal (base 10) number.
<xxx_octet>
indicates a hexadecimal string that uses the digits 0-9 and letters
A-F.
<xxx_ipv4>
indicates a dotted decimal IPv4 address.
<xxx_v4mask>
indicates a dotted decimal IPv4 netmask.
<xxx_ipv4mask>
indicates a dotted decimal IPv4 address followed by a dotted
decimal IPv4 netmask.
<xxx_ipv6>
indicates a dotted decimal IPv6 address.
<xxx_v6mask>
indicates a dotted decimal IPv6 netmask.
<xxx_ipv6mask>
indicates a dotted decimal IPv6 address followed by a dotted
decimal IPv6 netmask.
Summary of Contents for FortiGate FortiGate-5020
Page 86: ...86 01 28008 0013 20050204 Fortinet Inc Dynamic IP System DHCP ...
Page 118: ...118 01 28008 0013 20050204 Fortinet Inc FortiManager System Config ...
Page 254: ...254 01 28008 0013 20050204 Fortinet Inc CLI configuration User ...
Page 318: ...318 01 28008 0013 20050204 Fortinet Inc CLI configuration Antivirus ...
Page 350: ...350 01 28008 0013 20050204 Fortinet Inc Using Perl regular expressions Spam filter ...
Page 370: ...370 01 28008 0013 20050204 Fortinet Inc CLI configuration Log Report ...
Page 382: ...382 01 28008 0013 20050204 Fortinet Inc Glossary ...
Page 402: ...402 01 28008 0013 20050204 Fortinet Inc Index ...