Fortinet black logo

Cookbook

Logging traffic with FortiGate Cloud

Copy Link
Copy Doc ID 598118ae-ea1f-11e9-8977-00505692583a:189021
Download PDF

Logging traffic with FortiGate Cloud

This recipe demonstrates how to use FortiGate Cloud, an online logging service provided by Fortinet, to store logs of your FortiGate unit's traffic. In this example, the log shows sites visited by users on the internal network.

You can access logs using the FortiGate and also through the FortiGate Cloud website. Before you can use FortiGate Cloud, you must register your FortiGate. For more information, see FortiGate registration and basic settings.

1. Activating FortiGate Cloud

Go to Dashboard and locate the License Information widget. In the FortiCloud row, select Activate.

Use an existing FortiGAte Cloud account or create a new one. It is recommended to use a common FortiGAte Cloud account for all your Fortinet logs.

Information about your FortiGate Cloud account now appears in the License Information widget.

2. Sending logs to FortiGate Cloud

Go to Log & Report > Log Settings and disable local logging.

Enable Send Logs to FortiCloud and confirm that Upload Option is set to Realtime.

Select Test Connectivity to verify the connection between your FortiGate and FortiGate Cloud.

Adjust the Event Logging settings as desired and set the GUI Preferences to Display Logs From FortiCloud.

3. Enabling logging in your Internet access security policy

Go to Policy & Objects > IPv4 and edit the policy that allows connections from the internal network to the Internet. Scroll down to view Logging Options. In order to confirm that logs are being sent to FortiGAte Cloud, enable Log Allowed Traffic and select All Sessions.

4. Results

Browse the Internet. Then, go to Log & Report > Forward Traffic. In the top right corner of the screen, the Log location is shown as FortiCloud.

Go to Dashboard. In the FortiCloud row of the License Information widget, select Launch Portal.

A screen will open in your browser, showing all the devices linked with your FortiGate account. Select the appropriate unit.

You can also access your FortiGate Cloud account by going to www.forticloud.com

After you select your device, the FortiGate Cloud Dashboard appears, displaying information about traffic. If traffic does not appear in FortiGate Cloud right away, wait 10-15 minutes and try again.

From the portal's top menu bar, you can also access options for FortiView, Drilldown, Reports, and Management.

For more information about using FortiGate Cloud, see the FortiGate Cloud Administration Guide

For further reading, check out FortiCloud in the FortiOS 5.4 Handbook.

Logging traffic with FortiGate Cloud

This recipe demonstrates how to use FortiGate Cloud, an online logging service provided by Fortinet, to store logs of your FortiGate unit's traffic. In this example, the log shows sites visited by users on the internal network.

You can access logs using the FortiGate and also through the FortiGate Cloud website. Before you can use FortiGate Cloud, you must register your FortiGate. For more information, see FortiGate registration and basic settings.

1. Activating FortiGate Cloud

Go to Dashboard and locate the License Information widget. In the FortiCloud row, select Activate.

Use an existing FortiGAte Cloud account or create a new one. It is recommended to use a common FortiGAte Cloud account for all your Fortinet logs.

Information about your FortiGate Cloud account now appears in the License Information widget.

2. Sending logs to FortiGate Cloud

Go to Log & Report > Log Settings and disable local logging.

Enable Send Logs to FortiCloud and confirm that Upload Option is set to Realtime.

Select Test Connectivity to verify the connection between your FortiGate and FortiGate Cloud.

Adjust the Event Logging settings as desired and set the GUI Preferences to Display Logs From FortiCloud.

3. Enabling logging in your Internet access security policy

Go to Policy & Objects > IPv4 and edit the policy that allows connections from the internal network to the Internet. Scroll down to view Logging Options. In order to confirm that logs are being sent to FortiGAte Cloud, enable Log Allowed Traffic and select All Sessions.

4. Results

Browse the Internet. Then, go to Log & Report > Forward Traffic. In the top right corner of the screen, the Log location is shown as FortiCloud.

Go to Dashboard. In the FortiCloud row of the License Information widget, select Launch Portal.

A screen will open in your browser, showing all the devices linked with your FortiGate account. Select the appropriate unit.

You can also access your FortiGate Cloud account by going to www.forticloud.com

After you select your device, the FortiGate Cloud Dashboard appears, displaying information about traffic. If traffic does not appear in FortiGate Cloud right away, wait 10-15 minutes and try again.

From the portal's top menu bar, you can also access options for FortiView, Drilldown, Reports, and Management.

For more information about using FortiGate Cloud, see the FortiGate Cloud Administration Guide

For further reading, check out FortiCloud in the FortiOS 5.4 Handbook.