Fortinet black logo

Administration Guide

Application logging in NGFW policy mode

Application logging in NGFW policy mode

In NGFW policy mode, if an application, application category, or application group is selected on a security policy, and traffic logging is set to UTM or All, then application control logs will be generated. In addition, when a signature is set to the ACCEPT action under a security policy, all corresponding child signatures will be assessed and logged as well.

To verify application logging:
  1. Go to Policy & Objects > Security Policy and configure a new policy for YouTube.
  2. Set Action to ACCEPT and Log Allowed Traffic to Security Events.

    Security policy for YouTube

  3. Configure the remaining settings as required, then click OK.
  4. On a client system, play some YouTube videos.
  5. On FortiOS, go to Log & Report > Application Control and view the logs.

    There are logs not only for YouTube, but also for YouTube_Video.Play, YouTube_Video.Access, and so on, as verified from the Application Name column.

    Traffic logs for YouTube

Application logging in NGFW policy mode

Application logging in NGFW policy mode

In NGFW policy mode, if an application, application category, or application group is selected on a security policy, and traffic logging is set to UTM or All, then application control logs will be generated. In addition, when a signature is set to the ACCEPT action under a security policy, all corresponding child signatures will be assessed and logged as well.

To verify application logging:
  1. Go to Policy & Objects > Security Policy and configure a new policy for YouTube.
  2. Set Action to ACCEPT and Log Allowed Traffic to Security Events.

    Security policy for YouTube

  3. Configure the remaining settings as required, then click OK.
  4. On a client system, play some YouTube videos.
  5. On FortiOS, go to Log & Report > Application Control and view the logs.

    There are logs not only for YouTube, but also for YouTube_Video.Play, YouTube_Video.Access, and so on, as verified from the Application Name column.

    Traffic logs for YouTube