Accessing Logs
Log&Report
FortiGate Version 4.0 Administration Guide
662
01-400-89802-20090424
You can view attack log messages from either the Memory or Remote tab.
To enable the attack logs
1
Go to
Firewall > Protection Profile
.
2
Select
Edit
beside the protection profile that you want.
3
Select the Expand Arrow beside
Logging
to reveal the available options.
4
Select
Log Intrusions under IPS
.
5
Select
OK
.
Accessing Logs
You can use the Log Access feature in the FortiGate web-based manager to view logs
stored in memory, on a hard disk, or stored on a FortiAnalyzer unit running FortiAnalyzer
3.0, or on the FortiGuard Analysis server.
Log Access provides tabs for viewing logs according to these locations. Each tab provides
options for viewing log messages, such as search and filtering options, and choice of log
type. The Remote tab displays logs stored on either the FortiGuard Analysis server or
FortiAnalyzer unit, whichever one is configured for logging.
For the FortiGate unit to access logs on a FortiAnalyzer unit, the FortiAnalyzer unit must
run firmware version 3.0 or higher.
Accessing logs stored in memory
You can access logs stored in the FortiGate system memory from the Memory tab. The
traffic log type is not available in the Log Type list because the FortiGate system memory
is unable to store them; however, you can view attack logs.
To view log messages in the FortiGate memory buffer, go to
Log&Report > Log Access
,
select the
Memory
tab, and then select a log type from the
Log Type
list.
Accessing logs stored on the hard disk
You can access logs stored on the hard disk if your FortiGate unit has a hard disk. Logs
stored on the hard disk are available for viewing in the Disk tab. You can view, navigate,
and download logs stored on the hard disk.
To access log files on the hard disk, go to
Log&Report > Log Access
, select the
Disk
tab,
and then select a log type from the
Log Type
list. The FortiGate unit displays a list of rolled
log files. You can view log messages when you select the
View
icon.
Note:
Make sure attack signature and attack anomaly DoS sensor settings are enabled to
log the attack. The logging options for the signatures included with the FortiGate unit are
set by default. Ensure any custom signatures also have the logging option enabled. For
more information, see
“Intrusion Protection” on page 455
.
Содержание Gate 60D
Страница 678: ...Reports Log Report FortiGate Version 4 0 Administration Guide 678 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 704: ...Index FortiGate Version 4 0 Administration Guide 704 01 400 89802 20090424 http docs fortinet com Feedback...
Страница 705: ...www fortinet com...
Страница 706: ...www fortinet com...