Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

Settings for local disk logging.

  config log disk setting
      Description: Settings for local disk logging.
      set status [enable|disable]
      set ips-archive [enable|disable]
      set max-log-file-size {integer}
      set max-policy-packet-capture-size {integer}
      set roll-schedule [daily|weekly]
      set roll-day {option1}, {option2}, ...
      set roll-time {user}
      set diskfull [overwrite|nolog]
      set log-quota {integer}
      set dlp-archive-quota {integer}
      set report-quota {integer}
      set maximum-log-age {integer}
      set upload [enable|disable]
      set upload-destination {option}
      set uploadip {ipv4-address}
      set uploadport {integer}
      set source-ip {ipv4-address}
      set uploaduser {string}
      set uploadpass {password}
      set uploaddir {string}
      set uploadtype {option1}, {option2}, ...
      set uploadsched [disable|enable]
      set uploadtime {user}
      set upload-delete-files [enable|disable]
      set upload-ssl-conn [default|high|...]
      set full-first-warning-threshold {integer}
      set full-second-warning-threshold {integer}
      set full-final-warning-threshold {integer}
  end

config log disk setting

Parameter Name Description Type Size
status Enable/disable local disk logging.
enable: Log to local disk.
disable: Do not log to local disk.
option -
ips-archive Enable/disable IPS packet archiving to the local disk.
enable: Enable IPS packet archiving.
disable: Disable IPS packet archiving.
option -
max-log-file-size Maximum log file size before rolling (1 - 100 Mbytes). integer Minimum value: 1 Maximum value: 100
max-policy-packet-capture-size Maximum size of policy sniffer in MB (0 means unlimited). integer Minimum value: 0 Maximum value: 4294967295
roll-schedule Frequency to check log file for rolling.
daily: Check the log file once a day.
weekly: Check the log file once a week.
option -
roll-day Day of week on which to roll log file.
sunday: Sunday
monday: Monday
tuesday: Tuesday
wednesday: Wednesday
thursday: Thursday
friday: Friday
saturday: Saturday
option -
roll-time Time of day to roll the log file (hh:mm). user Not Specified
diskfull Action to take when disk is full. The system can overwrite the oldest log messages or stop logging when the disk is full (default = overwrite).
overwrite: Overwrite the oldest logs when the log disk is full.
nolog: Stop logging when the log disk is full.
option -
log-quota Disk log quota (MB). integer Minimum value: 0 Maximum value: 4294967295
dlp-archive-quota DLP archive quota (MB). integer Minimum value: 0 Maximum value: 4294967295
report-quota Report quota (MB). integer Minimum value: 0 Maximum value: 4294967295
maximum-log-age Delete log files older than (days). integer Minimum value: 0 Maximum value: 3650
upload Enable/disable uploading log files when they are rolled.
enable: Enable uploading log files when they are rolled.
disable: Disable uploading log files when they are rolled.
option -
upload-destination The type of server to upload log files to. Only FTP is currently supported.
ftp-server: Upload rolled log files to an FTP server.
option -
uploadip IP address of the FTP server to upload log files to. ipv4-address Not Specified
uploadport TCP port to use for communicating with the FTP server (default = 21). integer Minimum value: 0 Maximum value: 65535
source-ip Source IP address to use for uploading disk log files. ipv4-address Not Specified
uploaduser Username required to log into the FTP server to upload disk log files. string Maximum length: 35
uploadpass Password required to log into the FTP server to upload disk log files. password Not Specified
uploaddir The remote directory on the FTP server to upload log files to. string Maximum length: 63
uploadtype Types of log files to upload. Separate multiple entries with a space.
traffic: Upload traffic log.
event: Upload event log.
virus: Upload anti-virus log.
webfilter: Upload web filter log.
IPS: Upload IPS log.
emailfilter: Upload spam filter log.
dlp-archive: Upload DLP archive.
anomaly: Upload anomaly log.
voip: Upload VoIP log.
dlp: Upload DLP log.
app-ctrl: Upload application control log.
waf: Upload web application firewall log.
dns: Upload DNS log.
ssh: Upload SSH log.
ssl: Upload SSL log.
cifs: Upload CIFS log.
file-filter: Upload file-filter log.
option -
uploadsched Set the schedule for uploading log files to the FTP server (default = disable = upload when rolling).
disable: Upload when rolling.
enable: Scheduled upload.
option -
uploadtime Time of day at which log files are uploaded if uploadsched is enabled (hh:mm or hh). user Not Specified
upload-delete-files Delete log files after uploading (default = enable).
enable: Delete log files after uploading.
disable: Do not delete log files after uploading.
option -
upload-ssl-conn Enable/disable encrypted FTPS communication to upload log files.
default: FTPS with high and medium encryption algorithms.
high: FTPS with high encryption algorithms.
low: FTPS with low encryption algorithms.
disable: Disable FTPS communication.
option -
full-first-warning-threshold Log full first warning threshold as a percent (1 - 98, default = 75). integer Minimum value: 1 Maximum value: 98
full-second-warning-threshold Log full second warning threshold as a percent (2 - 99, default = 90). integer Minimum value: 2 Maximum value: 99
full-final-warning-threshold Log full final warning threshold as a percent (3 - 100, default = 95). integer Minimum value: 3 Maximum value: 100

Settings for local disk logging.

  config log disk setting
      Description: Settings for local disk logging.
      set status [enable|disable]
      set ips-archive [enable|disable]
      set max-log-file-size {integer}
      set max-policy-packet-capture-size {integer}
      set roll-schedule [daily|weekly]
      set roll-day {option1}, {option2}, ...
      set roll-time {user}
      set diskfull [overwrite|nolog]
      set log-quota {integer}
      set dlp-archive-quota {integer}
      set report-quota {integer}
      set maximum-log-age {integer}
      set upload [enable|disable]
      set upload-destination {option}
      set uploadip {ipv4-address}
      set uploadport {integer}
      set source-ip {ipv4-address}
      set uploaduser {string}
      set uploadpass {password}
      set uploaddir {string}
      set uploadtype {option1}, {option2}, ...
      set uploadsched [disable|enable]
      set uploadtime {user}
      set upload-delete-files [enable|disable]
      set upload-ssl-conn [default|high|...]
      set full-first-warning-threshold {integer}
      set full-second-warning-threshold {integer}
      set full-final-warning-threshold {integer}
  end

config log disk setting

Parameter Name Description Type Size
status Enable/disable local disk logging.
enable: Log to local disk.
disable: Do not log to local disk.
option -
ips-archive Enable/disable IPS packet archiving to the local disk.
enable: Enable IPS packet archiving.
disable: Disable IPS packet archiving.
option -
max-log-file-size Maximum log file size before rolling (1 - 100 Mbytes). integer Minimum value: 1 Maximum value: 100
max-policy-packet-capture-size Maximum size of policy sniffer in MB (0 means unlimited). integer Minimum value: 0 Maximum value: 4294967295
roll-schedule Frequency to check log file for rolling.
daily: Check the log file once a day.
weekly: Check the log file once a week.
option -
roll-day Day of week on which to roll log file.
sunday: Sunday
monday: Monday
tuesday: Tuesday
wednesday: Wednesday
thursday: Thursday
friday: Friday
saturday: Saturday
option -
roll-time Time of day to roll the log file (hh:mm). user Not Specified
diskfull Action to take when disk is full. The system can overwrite the oldest log messages or stop logging when the disk is full (default = overwrite).
overwrite: Overwrite the oldest logs when the log disk is full.
nolog: Stop logging when the log disk is full.
option -
log-quota Disk log quota (MB). integer Minimum value: 0 Maximum value: 4294967295
dlp-archive-quota DLP archive quota (MB). integer Minimum value: 0 Maximum value: 4294967295
report-quota Report quota (MB). integer Minimum value: 0 Maximum value: 4294967295
maximum-log-age Delete log files older than (days). integer Minimum value: 0 Maximum value: 3650
upload Enable/disable uploading log files when they are rolled.
enable: Enable uploading log files when they are rolled.
disable: Disable uploading log files when they are rolled.
option -
upload-destination The type of server to upload log files to. Only FTP is currently supported.
ftp-server: Upload rolled log files to an FTP server.
option -
uploadip IP address of the FTP server to upload log files to. ipv4-address Not Specified
uploadport TCP port to use for communicating with the FTP server (default = 21). integer Minimum value: 0 Maximum value: 65535
source-ip Source IP address to use for uploading disk log files. ipv4-address Not Specified
uploaduser Username required to log into the FTP server to upload disk log files. string Maximum length: 35
uploadpass Password required to log into the FTP server to upload disk log files. password Not Specified
uploaddir The remote directory on the FTP server to upload log files to. string Maximum length: 63
uploadtype Types of log files to upload. Separate multiple entries with a space.
traffic: Upload traffic log.
event: Upload event log.
virus: Upload anti-virus log.
webfilter: Upload web filter log.
IPS: Upload IPS log.
emailfilter: Upload spam filter log.
dlp-archive: Upload DLP archive.
anomaly: Upload anomaly log.
voip: Upload VoIP log.
dlp: Upload DLP log.
app-ctrl: Upload application control log.
waf: Upload web application firewall log.
dns: Upload DNS log.
ssh: Upload SSH log.
ssl: Upload SSL log.
cifs: Upload CIFS log.
file-filter: Upload file-filter log.
option -
uploadsched Set the schedule for uploading log files to the FTP server (default = disable = upload when rolling).
disable: Upload when rolling.
enable: Scheduled upload.
option -
uploadtime Time of day at which log files are uploaded if uploadsched is enabled (hh:mm or hh). user Not Specified
upload-delete-files Delete log files after uploading (default = enable).
enable: Delete log files after uploading.
disable: Do not delete log files after uploading.
option -
upload-ssl-conn Enable/disable encrypted FTPS communication to upload log files.
default: FTPS with high and medium encryption algorithms.
high: FTPS with high encryption algorithms.
low: FTPS with low encryption algorithms.
disable: Disable FTPS communication.
option -
full-first-warning-threshold Log full first warning threshold as a percent (1 - 98, default = 75). integer Minimum value: 1 Maximum value: 98
full-second-warning-threshold Log full second warning threshold as a percent (2 - 99, default = 90). integer Minimum value: 2 Maximum value: 99
full-final-warning-threshold Log full final warning threshold as a percent (3 - 100, default = 95). integer Minimum value: 3 Maximum value: 100