Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config log syslogd4 override-setting

Override settings for remote syslog server.

config log syslogd4 override-setting

Description: Override settings for remote syslog server.

set status [enable|disable]

set server {string}

set mode [udp|legacy-reliable|...]

set port {integer}

set facility [kernel|user|...]

set source-ip {string}

set format [default|csv|...]

set priority [default|low]

set max-log-rate {integer}

set enc-algorithm [high-medium|high|...]

set ssl-min-proto-version [default|SSLv3|...]

set certificate {string}

config custom-field-name

Description: Custom field name for CEF format logging.

edit <id>

set name {string}

set custom {string}

next

end

set interface-select-method [auto|sdwan|...]

set interface {string}

end

config log syslogd4 override-setting

Parameter

Description

Type

Size

Default

status

Enable/disable remote syslog logging.

option

-

disable

 

Option

Description

enable

Log to remote syslog server.

disable

Do not log to remote syslog server.

server

Address of remote syslog server.

string

Maximum length: 127

mode

Remote syslog logging over UDP/Reliable TCP.

option

-

udp

 

Option

Description

udp

Enable syslogging over UDP.

legacy-reliable

Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog).

reliable

Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP).

port

Server listen port.

integer

Minimum value: 0 Maximum value: 65535

514

facility

Remote syslog facility.

option

-

local7

 

Option

Description

kernel

Kernel messages.

user

Random user-level messages.

mail

Mail system.

daemon

System daemons.

auth

Security/authorization messages.

syslog

Messages generated internally by syslog.

lpr

Line printer subsystem.

news

Network news subsystem.

uucp

Network news subsystem.

cron

Clock daemon.

authpriv

Security/authorization messages (private).

ftp

FTP daemon.

ntp

NTP daemon.

audit

Log audit.

alert

Log alert.

clock

Clock daemon.

local0

Reserved for local use.

local1

Reserved for local use.

local2

Reserved for local use.

local3

Reserved for local use.

local4

Reserved for local use.

local5

Reserved for local use.

local6

Reserved for local use.

local7

Reserved for local use.

source-ip

Source IP address of syslog.

string

Maximum length: 63

format

Log format.

option

-

default

 

Option

Description

default

Syslog format.

csv

CSV (Comma Separated Values) format.

cef

CEF (Common Event Format) format.

priority

Set log transmission priority.

option

-

default

 

Option

Description

default

Set Syslog transmission priority to default.

low

Set Syslog transmission priority to low.

max-log-rate

Syslog maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

0

enc-algorithm

Enable/disable reliable syslogging with TLS encryption.

option

-

disable

 

Option

Description

high-medium

SSL communication with high and medium encryption algorithms.

high

SSL communication with high encryption algorithms.

low

SSL communication with low encryption algorithms.

disable

Disable SSL communication.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).

option

-

default

 

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

certificate

Certificate used to communicate with Syslog server.

string

Maximum length: 35

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

auto

 

Option

Description

auto

Set outgoing interface automatically.

sdwan

Set outgoing interface by SD-WAN or policy routing rules.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15

Parameter

Description

Type

Size

Default

name

Field name.

string

Maximum length: 35

custom

Field custom name.

string

Maximum length: 35

config log syslogd4 override-setting

Override settings for remote syslog server.

config log syslogd4 override-setting

Description: Override settings for remote syslog server.

set status [enable|disable]

set server {string}

set mode [udp|legacy-reliable|...]

set port {integer}

set facility [kernel|user|...]

set source-ip {string}

set format [default|csv|...]

set priority [default|low]

set max-log-rate {integer}

set enc-algorithm [high-medium|high|...]

set ssl-min-proto-version [default|SSLv3|...]

set certificate {string}

config custom-field-name

Description: Custom field name for CEF format logging.

edit <id>

set name {string}

set custom {string}

next

end

set interface-select-method [auto|sdwan|...]

set interface {string}

end

config log syslogd4 override-setting

Parameter

Description

Type

Size

Default

status

Enable/disable remote syslog logging.

option

-

disable

 

Option

Description

enable

Log to remote syslog server.

disable

Do not log to remote syslog server.

server

Address of remote syslog server.

string

Maximum length: 127

mode

Remote syslog logging over UDP/Reliable TCP.

option

-

udp

 

Option

Description

udp

Enable syslogging over UDP.

legacy-reliable

Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog).

reliable

Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP).

port

Server listen port.

integer

Minimum value: 0 Maximum value: 65535

514

facility

Remote syslog facility.

option

-

local7

 

Option

Description

kernel

Kernel messages.

user

Random user-level messages.

mail

Mail system.

daemon

System daemons.

auth

Security/authorization messages.

syslog

Messages generated internally by syslog.

lpr

Line printer subsystem.

news

Network news subsystem.

uucp

Network news subsystem.

cron

Clock daemon.

authpriv

Security/authorization messages (private).

ftp

FTP daemon.

ntp

NTP daemon.

audit

Log audit.

alert

Log alert.

clock

Clock daemon.

local0

Reserved for local use.

local1

Reserved for local use.

local2

Reserved for local use.

local3

Reserved for local use.

local4

Reserved for local use.

local5

Reserved for local use.

local6

Reserved for local use.

local7

Reserved for local use.

source-ip

Source IP address of syslog.

string

Maximum length: 63

format

Log format.

option

-

default

 

Option

Description

default

Syslog format.

csv

CSV (Comma Separated Values) format.

cef

CEF (Common Event Format) format.

priority

Set log transmission priority.

option

-

default

 

Option

Description

default

Set Syslog transmission priority to default.

low

Set Syslog transmission priority to low.

max-log-rate

Syslog maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

0

enc-algorithm

Enable/disable reliable syslogging with TLS encryption.

option

-

disable

 

Option

Description

high-medium

SSL communication with high and medium encryption algorithms.

high

SSL communication with high encryption algorithms.

low

SSL communication with low encryption algorithms.

disable

Disable SSL communication.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).

option

-

default

 

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

certificate

Certificate used to communicate with Syslog server.

string

Maximum length: 35

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

auto

 

Option

Description

auto

Set outgoing interface automatically.

sdwan

Set outgoing interface by SD-WAN or policy routing rules.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15

Parameter

Description

Type

Size

Default

name

Field name.

string

Maximum length: 35

custom

Field custom name.

string

Maximum length: 35