Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Event Log

The Event Log pane provides an audit log of actions made by users on FortiAnalyzer. It allows you to view log messages that are stored in memory or on the internal hard disk drive. You can use filters to search the messages and download the messages to the management computer.

See the FortiAnalyzer Log Message Reference, available from the Fortinet Document Library, for more information about the log messages.

Go to System Settings > Event Log to view the local log list.

The following options are available:

Last...

Select the amount of time to show from the available options, or select a custom time span or any time.

Add Filter

Filter the event log list based on the log level, user, sub type, or message. See Event log filtering.

Column Settings

Select which columns are enabled or disabled in the Event Log table.

Tools

 

 

Display Raw / Formatted Log

Click on Display Raw to view the logs in their raw state.

Click Formatted Log to view logs formatted into a table.

 

Real-time Log / Historical Log

Click to view the real-time or historical logs list.

 

Download

Download the event logs in either CSV or the normal format to the management computer.

 

Case Sensitive Search

Enable or disable case sensitive searching.

Pagination

Browse the pages of logs and adjust the number of logs that are shown per page.

The following information is shown:

#

The log number.

Date/Time

The date and time that the log file was generated.

Device ID

The ID of the related device.

Level

The severity level of the message. For a description of severity levels, see the Log Message Reference.

User

The user that the log message relates to.

Sub Type

The event log subtype. For a description of the subtypes for event logs, see the Log Message Reference.

Description

A description of the event.

Operation

The change or operation that triggered the event.

Performed On

Entity affected by the change or operation. For example, when you log out of the FortiAnalyzer GUI, the operation is performed on the local FortiAnalyzer GUI.

Changes

Details of the change.

Message

Log message details. A Session ID is added to each log message. The username of the administrator is added to log messages wherever applicable for better traceability.

Event Log

The Event Log pane provides an audit log of actions made by users on FortiAnalyzer. It allows you to view log messages that are stored in memory or on the internal hard disk drive. You can use filters to search the messages and download the messages to the management computer.

See the FortiAnalyzer Log Message Reference, available from the Fortinet Document Library, for more information about the log messages.

Go to System Settings > Event Log to view the local log list.

The following options are available:

Last...

Select the amount of time to show from the available options, or select a custom time span or any time.

Add Filter

Filter the event log list based on the log level, user, sub type, or message. See Event log filtering.

Column Settings

Select which columns are enabled or disabled in the Event Log table.

Tools

 

 

Display Raw / Formatted Log

Click on Display Raw to view the logs in their raw state.

Click Formatted Log to view logs formatted into a table.

 

Real-time Log / Historical Log

Click to view the real-time or historical logs list.

 

Download

Download the event logs in either CSV or the normal format to the management computer.

 

Case Sensitive Search

Enable or disable case sensitive searching.

Pagination

Browse the pages of logs and adjust the number of logs that are shown per page.

The following information is shown:

#

The log number.

Date/Time

The date and time that the log file was generated.

Device ID

The ID of the related device.

Level

The severity level of the message. For a description of severity levels, see the Log Message Reference.

User

The user that the log message relates to.

Sub Type

The event log subtype. For a description of the subtypes for event logs, see the Log Message Reference.

Description

A description of the event.

Operation

The change or operation that triggered the event.

Performed On

Entity affected by the change or operation. For example, when you log out of the FortiAnalyzer GUI, the operation is performed on the local FortiAnalyzer GUI.

Changes

Details of the change.

Message

Log message details. A Session ID is added to each log message. The username of the administrator is added to log messages wherever applicable for better traceability.