Fortinet black logo

Logview

23.4.0
Copy Link
Copy Doc ID ce71c0e4-7759-11ee-a142-fa163e15d75b:356070
Download PDF

Logview

Logview offers more detailed log information, access to individual log data, and downloadable log files. You can select a log category to view from the list on the left.

You can select a time period to view data for. You can view log data older than seven days only for devices that have a FortiGate Cloud subscription:

  • Last 60 minutes
  • Last 24 hours
  • Last 7 days
  • Last 30 days
  • Specified time period

The Time column displays the raw log time, which may not correspond to the display time zone that you configured for FortiGate Cloud. To convert the raw log time to the FortiGate Cloud display time zone, add or subtract the time offset provided in the Time column. In the example, log 1 was recorded at 03:10:56. The (-0700) in the Time column shows the time difference between the raw log time and Greenwich mean time (GMT). Since in the example, the display time zone is the same as GMT, you can conclude that log 1 was recorded at 10:10:56 (03:10:56 + 07:00:00) in the display time zone.

You can set the chart's refresh rate by selecting the down arrow icon beside the Refresh icon. By using the Add Filter dropdown list, you can filter the log list by various factors. You can also filter for values that do not satisfy the filter by selecting NOT. By selecting Log Files, you can see the raw log data files and manually download them.

To download logs:
  1. In Analytics > Logview, go to the desired log.
  2. Click Log files in the upper right corner.
  3. Select the checkboxes for the desired logs. You can download up to five log files at once.
  4. Click the Download button. A .zip archive file containing the logs that you selected in step 3 is downloaded.

You can download various raw log types from FortiGate Cloud. The log filename format is <log type>_MultiLogs_<download timestamp>.gz

For example, for a traffic log, the filename would be tlog_MultiLogs_1592503586.zip.

The log filename format uses a shortened identifier for each log type:

Log type

Identifier

Anomaly

mlog

AntiSpam

slog

AntiVirus

vlog

Application Control

rlog

Attack

alog

CIFS

ilog

Content

clog

DLP

dlog

DNS

olog

Event (including all subtypes)

elog

File filter

fflog

GTP

glog

Netscan

nscan

SSH/SSL

hlog

Traffic

tlog

VOIP

plog

Web Application Firewall (WAF)

flog

Web Filter

wlog

For example, consider an Application Control log that is generated for the period between October 23, 2022 and November 2, 2022 for a FortiGate with the serial number "FGT123". The first log in the file has a timestamp of 6:09 PM, while the last log in the file has a timestamp of 9:32 AM. The log file name is as follows:

FGT123_rlog_20221023-1809-20211101-0932.log.gz

Logview

Logview offers more detailed log information, access to individual log data, and downloadable log files. You can select a log category to view from the list on the left.

You can select a time period to view data for. You can view log data older than seven days only for devices that have a FortiGate Cloud subscription:

  • Last 60 minutes
  • Last 24 hours
  • Last 7 days
  • Last 30 days
  • Specified time period

The Time column displays the raw log time, which may not correspond to the display time zone that you configured for FortiGate Cloud. To convert the raw log time to the FortiGate Cloud display time zone, add or subtract the time offset provided in the Time column. In the example, log 1 was recorded at 03:10:56. The (-0700) in the Time column shows the time difference between the raw log time and Greenwich mean time (GMT). Since in the example, the display time zone is the same as GMT, you can conclude that log 1 was recorded at 10:10:56 (03:10:56 + 07:00:00) in the display time zone.

You can set the chart's refresh rate by selecting the down arrow icon beside the Refresh icon. By using the Add Filter dropdown list, you can filter the log list by various factors. You can also filter for values that do not satisfy the filter by selecting NOT. By selecting Log Files, you can see the raw log data files and manually download them.

To download logs:
  1. In Analytics > Logview, go to the desired log.
  2. Click Log files in the upper right corner.
  3. Select the checkboxes for the desired logs. You can download up to five log files at once.
  4. Click the Download button. A .zip archive file containing the logs that you selected in step 3 is downloaded.

You can download various raw log types from FortiGate Cloud. The log filename format is <log type>_MultiLogs_<download timestamp>.gz

For example, for a traffic log, the filename would be tlog_MultiLogs_1592503586.zip.

The log filename format uses a shortened identifier for each log type:

Log type

Identifier

Anomaly

mlog

AntiSpam

slog

AntiVirus

vlog

Application Control

rlog

Attack

alog

CIFS

ilog

Content

clog

DLP

dlog

DNS

olog

Event (including all subtypes)

elog

File filter

fflog

GTP

glog

Netscan

nscan

SSH/SSL

hlog

Traffic

tlog

VOIP

plog

Web Application Firewall (WAF)

flog

Web Filter

wlog

For example, consider an Application Control log that is generated for the period between October 23, 2022 and November 2, 2022 for a FortiGate with the serial number "FGT123". The first log in the file has a timestamp of 6:09 PM, while the last log in the file has a timestamp of 9:32 AM. The log file name is as follows:

FGT123_rlog_20221023-1809-20211101-0932.log.gz