Fortinet white logo
Fortinet white logo

Handbook

Configuring Attack Log purge settings

Configuring Attack Log purge settings

Attack Log purging is the deleting of logs to preserve log space and maintain log system performance.

By default, DDoS Attack Logs are purged on a first-in, first-out basis when the log reaches 1,000,000 entries. Attack Log purge settings are configurable. You can specify a different threshold, and you can purge logs manually.

Before you begin:

  • You must have Read-Write permission for Log & Report settings.
To configure purge settings:
  1. Go to Log & Report > Log Configuration > Log Purge Settings.
  2. Complete the configuration as described in the table below.
  3. Save the configuration.

Attack Log purge settings configuration guidelines

Settings Guidelines
Automatic Purge Select to automatically purge Attack Logs after the max number of entries is reached.
Purge older events when the number of events is over Purge the earliest Attack Logs when this threshold is reached. The default is 1,000,000 entries.
Manual Purge Select to purge entries logged during the specified period.
Start Date / End Date Specify a period when purging logs manually. The period begins at 0:00 on the start date and ends at 23:59 on the end date.

To configure with CLI:

config ddos global attack-event-purge

set purge-watermark 2000000

end

Configuring Attack Log purge settings

Configuring Attack Log purge settings

Attack Log purging is the deleting of logs to preserve log space and maintain log system performance.

By default, DDoS Attack Logs are purged on a first-in, first-out basis when the log reaches 1,000,000 entries. Attack Log purge settings are configurable. You can specify a different threshold, and you can purge logs manually.

Before you begin:

  • You must have Read-Write permission for Log & Report settings.
To configure purge settings:
  1. Go to Log & Report > Log Configuration > Log Purge Settings.
  2. Complete the configuration as described in the table below.
  3. Save the configuration.

Attack Log purge settings configuration guidelines

Settings Guidelines
Automatic Purge Select to automatically purge Attack Logs after the max number of entries is reached.
Purge older events when the number of events is over Purge the earliest Attack Logs when this threshold is reached. The default is 1,000,000 entries.
Manual Purge Select to purge entries logged during the specified period.
Start Date / End Date Specify a period when purging logs manually. The period begins at 0:00 on the start date and ends at 23:59 on the end date.

To configure with CLI:

config ddos global attack-event-purge

set purge-watermark 2000000

end