
CLI Reference

config log fortianalyzer filter


Filters for FortiAnalyzer.

config log fortianalyzer filter
    Description: Filters for FortiAnalyzer.
    set anomaly [enable|disable]
    set dlp-archive [enable|disable]
    set forward-traffic [enable|disable]
    config free-style
        Description: Free style filters.
        edit <id>
            set category [traffic|event|...]
            set filter {string}
            set filter-type [include|exclude]
        next
    end
    set gtp [enable|disable]
    set local-traffic [enable|disable]
    set multicast-traffic [enable|disable]
    set severity [emergency|alert|...]
    set sniffer-traffic [enable|disable]
    set voip [enable|disable]
    set ztna-traffic [enable|disable]
end

config log fortianalyzer filter

anomaly
    Description: Enable/disable anomaly logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable anomaly logging.
        disable    Disable anomaly logging.

dlp-archive
    Description: Enable/disable DLP archive logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable DLP archive logging.
        disable    Disable DLP archive logging.

forward-traffic
    Description: Enable/disable forward traffic logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable forward traffic logging.
        disable    Disable forward traffic logging.

gtp *
    Description: Enable/disable GTP messages logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable GTP messages logging.
        disable    Disable GTP messages logging.

local-traffic
    Description: Enable/disable local in or out traffic logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable local in or out traffic logging.
        disable    Disable local in or out traffic logging.

multicast-traffic
    Description: Enable/disable multicast traffic logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable multicast traffic logging.
        disable    Disable multicast traffic logging.

severity
    Description: Lowest severity level to log.
    Type: option    Size: -    Default: information
    Options:
        emergency       Emergency level.
        alert           Alert level.
        critical        Critical level.
        error           Error level.
        warning         Warning level.
        notification    Notification level.
        information     Information level.
        debug           Debug level.

sniffer-traffic
    Description: Enable/disable sniffer traffic logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable sniffer traffic logging.
        disable    Disable sniffer traffic logging.

voip
    Description: Enable/disable VoIP logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable VoIP logging.
        disable    Disable VoIP logging.

ztna-traffic
    Description: Enable/disable ztna traffic logging.
    Type: option    Size: -    Default: enable
    Options:
        enable     Enable ztna traffic logging.
        disable    Disable ztna traffic logging.

* This parameter may not exist in some models.

config free-style

id
    Description: Entry ID.
    Type: integer    Size: Minimum value: 0 Maximum value: 4294967295    Default: 0

category
    Description: Log category.
    Type: option    Size: -    Default: traffic
    Options:
        traffic        Traffic log.
        event          Event log.
        virus          Antivirus log.
        webfilter      Web filter log.
        attack         Attack log.
        spam           Antispam log.
        anomaly        Anomaly log.
        voip           VoIP log.
        dlp            DLP log.
        app-ctrl       Application control log.
        waf            Web application firewall log.
        dns            DNS detail log.
        ssh            SSH log.
        ssl            SSL log.
        file-filter    File filter log.
        icap           ICAP log.

filter
    Description: Free style filter string.
    Type: string    Size: Maximum length: 1023

filter-type
    Description: Include/exclude logs that match the filter.
    Type: option    Size: -    Default: include
    Options:
        include    Include logs that match the filter.
        exclude    Exclude logs that match the filter.
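
An added example, not part of Fortinet's reference: a Python check that reads a FortiOS configuration backup and reports settings under config log fortianalyzer filter that send fewer logs to FortiAnalyzer than the defaults listed above. The function name, the sample configuration and the filter string in it are constructed for illustration.

```python
import re
# Defaults and severity order as listed in the parameter descriptions above.
DEFAULTS = dict.fromkeys(["anomaly", "dlp-archive", "forward-traffic", "gtp", "local-traffic",
                          "multicast-traffic", "sniffer-traffic", "voip", "ztna-traffic"], "enable")
SEVERITY = ["emergency", "alert", "critical", "error", "warning",
            "notification", "information", "debug"]  # most to least severe

def audit_faz_filter(config_text):
    """Return findings for settings that send fewer logs than the defaults."""
    findings, path, entry = [], [], {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            path.append(line[len("config "):])       # track nested config blocks
        elif line == "end" and path:
            path.pop()
        elif path[:1] != ["log fortianalyzer filter"]:
            continue                                  # ignore every other section
        elif line.startswith("edit "):
            entry = {"id": line.split()[1], "category": "traffic", "filter-type": "include"}
        elif line == "next":
            if entry.get("filter-type") == "exclude":
                findings.append(f"free-style {entry['id']}: excludes {entry['category']} "
                                f"logs matching {entry.get('filter', '')!r}")
            entry = {}
        elif (m := re.match(r'set (\S+) "?([^"]*)"?$', line)):
            key, value = m.groups()
            if path[-1] == "free-style":
                entry[key] = value
            elif key == "severity" and value in SEVERITY[:6]:  # stricter than "information"
                findings.append(f"severity {value}: logs below {value} are not sent")
            elif key in DEFAULTS and value != DEFAULTS[key]:
                findings.append(f"{key} {value} (default {DEFAULTS[key]})")
    return findings

# Constructed sample; the filter string is a placeholder, not real filter syntax.
SAMPLE = """\
config log fortianalyzer filter
    set severity warning
    set local-traffic disable
    config free-style
        edit 1
            set category event
            set filter "CONSTRUCTED-PLACEHOLDER"
            set filter-type exclude
        next
    end
end
"""
print("\n".join(audit_faz_filter(SAMPLE)))
```
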
