Fortinet black logo

CLI Reference

log disk filter

log disk filter

Use this command to configure log filter settings to determine which logs will be recorded by the disk log.

This command is available only on FortiGate units with hard disks.

config log disk filter
    set severity {option}   Log to disk every message above and including this severity level.
            emergency     Emergency level.
            alert         Alert level.
            critical      Critical level.
            error         Error level.
            warning       Warning level.
            notification  Notification level.
            information   Information level.
            debug         Debug level.
    set forward-traffic {enable | disable}   Enable/disable forward traffic logging.
    set local-traffic {enable | disable}   Enable/disable local in or out traffic logging.
    set multicast-traffic {enable | disable}   Enable/disable multicast traffic logging.
    set sniffer-traffic {enable | disable}   Enable/disable sniffer traffic logging.
    set anomaly {enable | disable}   Enable/disable anomaly logging.
    set voip {enable | disable}   Enable/disable VoIP logging.
    set dlp-archive {enable | disable}   Enable/disable DLP archive logging.
    set gtp {enable | disable}   Enable/disable GTP messages logging.
    set dns {enable | disable}   Enable/disable detailed DNS event logging.
    set ssh {enable | disable}   Enable/disable SSH logging.
    set event {enable | disable}   Enable/disable event logging.
    set system {enable | disable}   Enable/disable system activity logging.
    set radius {enable | disable}   Enable/disable RADIUS messages logging.
    set ipsec {enable | disable}   Enable/disable IPsec negotiation messages logging.
    set dhcp {enable | disable}   Enable/disable DHCP service messages logging.
    set ppp {enable | disable}   Enable/disable L2TP/PPTP/PPPoE logging.
    set admin {enable | disable}   Enable/disable admin login/logout logging.
    set ha {enable | disable}   Enable/disable HA logging.
    set auth {enable | disable}   Enable/disable firewall authentication logging.
    set pattern {enable | disable}   Enable/disable pattern update logging.
    set sslvpn-log-auth {enable | disable}   Enable/disable SSL user authentication logging.
    set sslvpn-log-adm {enable | disable}   Enable/disable SSL administrator login logging.
    set sslvpn-log-session {enable | disable}   Enable/disable SSL session logging.
    set vip-ssl {enable | disable}   Enable/disable VIP SSL logging.
    set ldb-monitor {enable | disable}   Enable/disable VIP real server health monitoring logging.
    set wan-opt {enable | disable}   Enable/disable WAN optimization event logging.
    set wireless-activity {enable | disable}   Enable/disable wireless activity event logging.
    set cpu-memory-usage {enable | disable}   Enable/disable CPU & memory usage logging every 5 minutes.
    set filter {string}   Disk log filter. size[511]
    set filter-type {include | exclude}   Include/exclude logs that match the filter.
            include  Include logs that match the filter.
            exclude  Exclude logs that match the filter.
end

log disk filter

Use this command to configure log filter settings to determine which logs will be recorded by the disk log.

This command is available only on FortiGate units with hard disks.

config log disk filter
    set severity {option}   Log to disk every message above and including this severity level.
            emergency     Emergency level.
            alert         Alert level.
            critical      Critical level.
            error         Error level.
            warning       Warning level.
            notification  Notification level.
            information   Information level.
            debug         Debug level.
    set forward-traffic {enable | disable}   Enable/disable forward traffic logging.
    set local-traffic {enable | disable}   Enable/disable local in or out traffic logging.
    set multicast-traffic {enable | disable}   Enable/disable multicast traffic logging.
    set sniffer-traffic {enable | disable}   Enable/disable sniffer traffic logging.
    set anomaly {enable | disable}   Enable/disable anomaly logging.
    set voip {enable | disable}   Enable/disable VoIP logging.
    set dlp-archive {enable | disable}   Enable/disable DLP archive logging.
    set gtp {enable | disable}   Enable/disable GTP messages logging.
    set dns {enable | disable}   Enable/disable detailed DNS event logging.
    set ssh {enable | disable}   Enable/disable SSH logging.
    set event {enable | disable}   Enable/disable event logging.
    set system {enable | disable}   Enable/disable system activity logging.
    set radius {enable | disable}   Enable/disable RADIUS messages logging.
    set ipsec {enable | disable}   Enable/disable IPsec negotiation messages logging.
    set dhcp {enable | disable}   Enable/disable DHCP service messages logging.
    set ppp {enable | disable}   Enable/disable L2TP/PPTP/PPPoE logging.
    set admin {enable | disable}   Enable/disable admin login/logout logging.
    set ha {enable | disable}   Enable/disable HA logging.
    set auth {enable | disable}   Enable/disable firewall authentication logging.
    set pattern {enable | disable}   Enable/disable pattern update logging.
    set sslvpn-log-auth {enable | disable}   Enable/disable SSL user authentication logging.
    set sslvpn-log-adm {enable | disable}   Enable/disable SSL administrator login logging.
    set sslvpn-log-session {enable | disable}   Enable/disable SSL session logging.
    set vip-ssl {enable | disable}   Enable/disable VIP SSL logging.
    set ldb-monitor {enable | disable}   Enable/disable VIP real server health monitoring logging.
    set wan-opt {enable | disable}   Enable/disable WAN optimization event logging.
    set wireless-activity {enable | disable}   Enable/disable wireless activity event logging.
    set cpu-memory-usage {enable | disable}   Enable/disable CPU & memory usage logging every 5 minutes.
    set filter {string}   Disk log filter. size[511]
    set filter-type {include | exclude}   Include/exclude logs that match the filter.
            include  Include logs that match the filter.
            exclude  Exclude logs that match the filter.
end