config log setting
Configure general log settings.
config log setting
Description: Configure general log settings.
set resolve-ip [enable|disable]
set resolve-port [enable|disable]
set log-user-in-upper [enable|disable]
set fwpolicy-implicit-log [enable|disable]
set fwpolicy6-implicit-log [enable|disable]
set log-invalid-packet [enable|disable]
set local-in-allow [enable|disable]
set local-in-deny-unicast [enable|disable]
set local-in-deny-broadcast [enable|disable]
set local-out [enable|disable]
set local-out-ioc-detection [enable|disable]
set daemon-log [enable|disable]
set neighbor-event [enable|disable]
set brief-traffic-format [enable|disable]
set user-anonymize [enable|disable]
set expolicy-implicit-log [enable|disable]
set log-policy-comment [enable|disable]
set faz-override [enable|disable]
set syslog-override [enable|disable]
set rest-api-set [enable|disable]
set rest-api-get [enable|disable]
set custom-log-fields <field-id1>, <field-id2>, ...
set anonymization-hash {string}
end
config log setting
Parameter |
Description |
Type |
Size |
Default |
||||||
---|---|---|---|---|---|---|---|---|---|---|
resolve-ip |
Enable/disable adding resolved domain names to traffic logs if possible. |
option |
- |
disable |
||||||
|
|
|||||||||
resolve-port |
Enable/disable adding resolved service names to traffic logs. |
option |
- |
enable |
||||||
|
|
|||||||||
log-user-in-upper |
Enable/disable logs with user-in-upper. |
option |
- |
disable |
||||||
|
|
|||||||||
fwpolicy-implicit-log |
Enable/disable implicit firewall policy logging. |
option |
- |
disable |
||||||
|
|
|||||||||
fwpolicy6-implicit-log |
Enable/disable implicit firewall policy6 logging. |
option |
- |
disable |
||||||
|
|
|||||||||
log-invalid-packet |
Enable/disable invalid packet traffic logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-in-allow |
Enable/disable local-in-allow logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-in-deny-unicast |
Enable/disable local-in-deny-unicast logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-in-deny-broadcast |
Enable/disable local-in-deny-broadcast logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-out |
Enable/disable local-out logging. |
option |
- |
enable |
||||||
|
|
|||||||||
local-out-ioc-detection |
Enable/disable local-out traffic IoC detection. Requires local-out to be enabled. |
option |
- |
enable |
||||||
|
|
|||||||||
daemon-log |
Enable/disable daemon logging. |
option |
- |
disable |
||||||
|
|
|||||||||
neighbor-event |
Enable/disable neighbor event logging. |
option |
- |
disable |
||||||
|
|
|||||||||
brief-traffic-format |
Enable/disable brief format traffic logging. |
option |
- |
disable |
||||||
|
|
|||||||||
user-anonymize |
Enable/disable anonymizing user names in log messages. |
option |
- |
disable |
||||||
|
|
|||||||||
expolicy-implicit-log |
Enable/disable explicit proxy firewall implicit policy logging. |
option |
- |
disable |
||||||
|
|
|||||||||
log-policy-comment |
Enable/disable inserting policy comments into traffic logs. |
option |
- |
disable |
||||||
|
|
|||||||||
faz-override |
Enable/disable override FortiAnalyzer settings. |
option |
- |
disable |
||||||
|
|
|||||||||
syslog-override |
Enable/disable override Syslog settings. |
option |
- |
disable |
||||||
|
|
|||||||||
rest-api-set |
Enable/disable REST API POST/PUT/DELETE request logging. |
option |
- |
disable |
||||||
|
|
|||||||||
rest-api-get |
Enable/disable REST API GET request logging. |
option |
- |
disable |
||||||
|
|
|||||||||
custom-log-fields |
Custom fields to append to all log messages. Custom log field. |
string |
Maximum length: 35 |
|
||||||
anonymization-hash |
User name anonymization hash salt. |
string |
Maximum length: 32 |
|