Fortinet black logo

CLI Reference

log disk setting

log disk setting

Use this command to configure log settings for logging to the local disk.

Disk logging is only available for FortiGate units with an internal hard disk. You can also use this command to configure the FortiGate unit to upload current log files to an FTP server every time the log files are rolled.

config log disk setting
    set status {enable | disable}   Enable/disable local disk logging.
    set ips-archive {enable | disable}   Enable/disable IPS packet archiving to the local disk.
    set max-log-file-size {integer}   Maximum log file size before rolling (1 - 100 Mbytes). range[1-100]
    set max-policy-packet-capture-size {integer}   Maximum size of policy sniffer in MB (0 means unlimited). range[0-4294967295]
    set roll-schedule {daily | weekly}   Frequency to check log file for rolling.
            daily   Check the log file once a day.
            weekly  Check the log file once a week.
    set roll-day {option}   Day of week on which to roll log file.
            sunday     Sunday
            monday     Monday
            tuesday    Tuesday
            wednesday  Wednesday
            thursday   Thursday
            friday     Friday
            saturday   Saturday
    set roll-time {string}   Time of day to roll the log file (hh:mm).
    set diskfull {overwrite | nolog}   Action to take when disk is full. The system can overwrite the oldest log messages or stop logging when the disk is full (default = overwrite).
            overwrite  Overwrite the oldest logs when the log disk is full.
            nolog      Stop logging when the log disk is full.
    set log-quota {integer}   Disk log quota (MB). range[0-4294967295]
    set dlp-archive-quota {integer}   DLP archive quota (MB). range[0-4294967295]
    set report-quota {integer}   Report quota (MB). range[0-4294967295]
    set maximum-log-age {integer}   Delete log files older than (days). range[0-3650]
    set upload {enable | disable}   Enable/disable uploading log files when they are rolled.
    set upload-destination {ftp-server}   The type of server to upload log files to. Only FTP is currently supported.
            ftp-server  Upload rolled log files to an FTP server.
    set uploadip {ipv4 address}   IP address of the FTP server to upload log files to.
    set uploadport {integer}   TCP port to use for communicating with the FTP server (default = 21). range[0-65535]
    set source-ip {ipv4 address}   Source IP address to use for uploading disk log files.
    set uploaduser {string}   Username required to log into the FTP server to upload disk log files. size[35]
    set uploadpass {password_string}   Password required to log into the FTP server to upload disk log files. size[128]
    set uploaddir {string}   The remote directory on the FTP server to upload log files to. size[63]
    set uploadtype {option}   Types of log files to upload. Separate multiple entries with a space.
            traffic      Upload traffic log.
            event        Upload event log.
            virus        Upload anti-virus log.
            webfilter    Upload web filter log.
            IPS          Upload IPS log.
            spamfilter   Upload spam filter log.
            dlp-archive  Upload DLP archive.
            anomaly      Upload anomaly log.
            voip         Upload VoIP log.
            dlp          Upload DLP log.
            app-ctrl     Upload application control log.
            waf          Upload web application firewall log.
            netscan      Upload network vulnerability scanning log.
            gtp          Upload GTP log.
            dns          Upload DNS log.
    set uploadsched {disable | enable}   Set the schedule for uploading log files to the FTP server (default = disable = upload when rolling).
    set uploadtime {string}   Time of day at which log files are uploaded if uploadsched is enabled (hh:mm or hh).
    set upload-delete-files {enable | disable}   Delete log files after uploading (default = enable).
    set upload-ssl-conn {default | high | low | disable}   Enable/disable encrypted FTPS communication to upload log files.
            default  FTPS with high and medium encryption algorithms.
            high     FTPS with high encryption algorithms.
            low      FTPS with low encryption algorithms.
            disable  Disable FTPS communication.
    set full-first-warning-threshold {integer}   Log full first warning threshold as a percent (1 - 98, default = 75). range[1-98]
    set full-second-warning-threshold {integer}   Log full second warning threshold as a percent (2 - 99, default = 90). range[2-99]
    set full-final-warning-threshold {integer}   Log full final warning threshold as a percent (3 - 100, default = 95). range[3-100]
end

log disk setting

Use this command to configure log settings for logging to the local disk.

Disk logging is only available for FortiGate units with an internal hard disk. You can also use this command to configure the FortiGate unit to upload current log files to an FTP server every time the log files are rolled.

config log disk setting
    set status {enable | disable}   Enable/disable local disk logging.
    set ips-archive {enable | disable}   Enable/disable IPS packet archiving to the local disk.
    set max-log-file-size {integer}   Maximum log file size before rolling (1 - 100 Mbytes). range[1-100]
    set max-policy-packet-capture-size {integer}   Maximum size of policy sniffer in MB (0 means unlimited). range[0-4294967295]
    set roll-schedule {daily | weekly}   Frequency to check log file for rolling.
            daily   Check the log file once a day.
            weekly  Check the log file once a week.
    set roll-day {option}   Day of week on which to roll log file.
            sunday     Sunday
            monday     Monday
            tuesday    Tuesday
            wednesday  Wednesday
            thursday   Thursday
            friday     Friday
            saturday   Saturday
    set roll-time {string}   Time of day to roll the log file (hh:mm).
    set diskfull {overwrite | nolog}   Action to take when disk is full. The system can overwrite the oldest log messages or stop logging when the disk is full (default = overwrite).
            overwrite  Overwrite the oldest logs when the log disk is full.
            nolog      Stop logging when the log disk is full.
    set log-quota {integer}   Disk log quota (MB). range[0-4294967295]
    set dlp-archive-quota {integer}   DLP archive quota (MB). range[0-4294967295]
    set report-quota {integer}   Report quota (MB). range[0-4294967295]
    set maximum-log-age {integer}   Delete log files older than (days). range[0-3650]
    set upload {enable | disable}   Enable/disable uploading log files when they are rolled.
    set upload-destination {ftp-server}   The type of server to upload log files to. Only FTP is currently supported.
            ftp-server  Upload rolled log files to an FTP server.
    set uploadip {ipv4 address}   IP address of the FTP server to upload log files to.
    set uploadport {integer}   TCP port to use for communicating with the FTP server (default = 21). range[0-65535]
    set source-ip {ipv4 address}   Source IP address to use for uploading disk log files.
    set uploaduser {string}   Username required to log into the FTP server to upload disk log files. size[35]
    set uploadpass {password_string}   Password required to log into the FTP server to upload disk log files. size[128]
    set uploaddir {string}   The remote directory on the FTP server to upload log files to. size[63]
    set uploadtype {option}   Types of log files to upload. Separate multiple entries with a space.
            traffic      Upload traffic log.
            event        Upload event log.
            virus        Upload anti-virus log.
            webfilter    Upload web filter log.
            IPS          Upload IPS log.
            spamfilter   Upload spam filter log.
            dlp-archive  Upload DLP archive.
            anomaly      Upload anomaly log.
            voip         Upload VoIP log.
            dlp          Upload DLP log.
            app-ctrl     Upload application control log.
            waf          Upload web application firewall log.
            netscan      Upload network vulnerability scanning log.
            gtp          Upload GTP log.
            dns          Upload DNS log.
    set uploadsched {disable | enable}   Set the schedule for uploading log files to the FTP server (default = disable = upload when rolling).
    set uploadtime {string}   Time of day at which log files are uploaded if uploadsched is enabled (hh:mm or hh).
    set upload-delete-files {enable | disable}   Delete log files after uploading (default = enable).
    set upload-ssl-conn {default | high | low | disable}   Enable/disable encrypted FTPS communication to upload log files.
            default  FTPS with high and medium encryption algorithms.
            high     FTPS with high encryption algorithms.
            low      FTPS with low encryption algorithms.
            disable  Disable FTPS communication.
    set full-first-warning-threshold {integer}   Log full first warning threshold as a percent (1 - 98, default = 75). range[1-98]
    set full-second-warning-threshold {integer}   Log full second warning threshold as a percent (2 - 99, default = 90). range[2-99]
    set full-final-warning-threshold {integer}   Log full final warning threshold as a percent (3 - 100, default = 95). range[3-100]
end