Fortinet black logo

CLI Reference

log {syslogd | syslogd2 | syslogd3 | syslogd4} setting

log {syslogd | syslogd2 | syslogd3 | syslogd4} setting

Use this command to connect and configure logging to up to four remote Syslog logging servers.

note icon The exact same entries can be found under the syslogd, syslogd2, syslogd3, and syslogd4 setting commands.

Command Description

set mode {udp | legacy-reliable | reliable}

Determine how UTM events are logged and trasmitted when a UTM event occurs.

set enc-algorithm {high-medium | high | medium | low}

To conform with RFC 5425 (syslog on an encrypted TLS connection over TCP) and general logging security standards for syslog, reliable syslog encryption is now customizable.

set certificate <name>

Certificate used to communicate with Syslog server.
config log syslogd setting
    set status {enable | disable}   Enable/disable remote syslog logging.
    set server {string}   Address of remote syslog server. size[63]
    set mode {udp | legacy-reliable | reliable}   Remote syslog logging over UDP/Reliable TCP.
            udp              Enable syslogging over UDP.
            legacy-reliable  Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog).
            reliable         Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP).
    set port {integer}   Server listen port. range[0-65535]
    set facility {option}   Remote syslog facility.
            kernel    Kernel messages.
            user      Random user-level messages.
            mail      Mail system.
            daemon    System daemons.
            auth      Security/authorization messages.
            syslog    Messages generated internally by syslog.
            lpr       Line printer subsystem.
            news      Network news subsystem.
            uucp      Network news subsystem.
            cron      Clock daemon.
            authpriv  Security/authorization messages (private).
            ftp       FTP daemon.
            ntp       NTP daemon.
            audit     Log audit.
            alert     Log alert.
            clock     Clock daemon.
            local0    Reserved for local use.
            local1    Reserved for local use.
            local2    Reserved for local use.
            local3    Reserved for local use.
            local4    Reserved for local use.
            local5    Reserved for local use.
            local6    Reserved for local use.
            local7    Reserved for local use.
    set source-ip {string}   Source IP address of syslog. size[63]
    set format {default | csv | cef}   Log format.
            default  Syslog format.
            csv      CSV (Comma Separated Values) format.
            cef      CEF (Common Event Format) format.
    set enc-algorithm {high-medium | high | low | disable}   Enable/disable reliable syslogging with TLS encryption.
            high-medium  SSL communication with high and medium encryption algorithms.
            high         SSL communication with high encryption algorithms.
            low          SSL communication with low encryption algorithms.
            disable      Disable SSL communication.
    set ssl-min-proto-version {option}   Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
            default  Follow system global setting.
            SSLv3    SSLv3.
            TLSv1    TLSv1.
            TLSv1-1  TLSv1.1.
            TLSv1-2  TLSv1.2.
    set certificate {string}   Certificate used to communicate with Syslog server. size[35] - datasource(s): certificate.local.name
    config custom-field-name
        edit {id}
        # Custom field name for CEF format logging.
            set id {integer}   Entry ID. range[0-255]
            set name {string}   Field name. size[35]
            set custom {string}   Field custom name. size[35]
        next
end

log {syslogd | syslogd2 | syslogd3 | syslogd4} setting

Use this command to connect and configure logging to up to four remote Syslog logging servers.

note icon The exact same entries can be found under the syslogd, syslogd2, syslogd3, and syslogd4 setting commands.

Command Description

set mode {udp | legacy-reliable | reliable}

Determine how UTM events are logged and trasmitted when a UTM event occurs.

set enc-algorithm {high-medium | high | medium | low}

To conform with RFC 5425 (syslog on an encrypted TLS connection over TCP) and general logging security standards for syslog, reliable syslog encryption is now customizable.

set certificate <name>

Certificate used to communicate with Syslog server.
config log syslogd setting
    set status {enable | disable}   Enable/disable remote syslog logging.
    set server {string}   Address of remote syslog server. size[63]
    set mode {udp | legacy-reliable | reliable}   Remote syslog logging over UDP/Reliable TCP.
            udp              Enable syslogging over UDP.
            legacy-reliable  Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog).
            reliable         Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP).
    set port {integer}   Server listen port. range[0-65535]
    set facility {option}   Remote syslog facility.
            kernel    Kernel messages.
            user      Random user-level messages.
            mail      Mail system.
            daemon    System daemons.
            auth      Security/authorization messages.
            syslog    Messages generated internally by syslog.
            lpr       Line printer subsystem.
            news      Network news subsystem.
            uucp      Network news subsystem.
            cron      Clock daemon.
            authpriv  Security/authorization messages (private).
            ftp       FTP daemon.
            ntp       NTP daemon.
            audit     Log audit.
            alert     Log alert.
            clock     Clock daemon.
            local0    Reserved for local use.
            local1    Reserved for local use.
            local2    Reserved for local use.
            local3    Reserved for local use.
            local4    Reserved for local use.
            local5    Reserved for local use.
            local6    Reserved for local use.
            local7    Reserved for local use.
    set source-ip {string}   Source IP address of syslog. size[63]
    set format {default | csv | cef}   Log format.
            default  Syslog format.
            csv      CSV (Comma Separated Values) format.
            cef      CEF (Common Event Format) format.
    set enc-algorithm {high-medium | high | low | disable}   Enable/disable reliable syslogging with TLS encryption.
            high-medium  SSL communication with high and medium encryption algorithms.
            high         SSL communication with high encryption algorithms.
            low          SSL communication with low encryption algorithms.
            disable      Disable SSL communication.
    set ssl-min-proto-version {option}   Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
            default  Follow system global setting.
            SSLv3    SSLv3.
            TLSv1    TLSv1.
            TLSv1-1  TLSv1.1.
            TLSv1-2  TLSv1.2.
    set certificate {string}   Certificate used to communicate with Syslog server. size[35] - datasource(s): certificate.local.name
    config custom-field-name
        edit {id}
        # Custom field name for CEF format logging.
            set id {integer}   Entry ID. range[0-255]
            set name {string}   Field name. size[35]
            set custom {string}   Field custom name. size[35]
        next
end