Fortinet white logo
Fortinet white logo

Hyperscale Firewall Guide

Configuring hardware logging

Configuring hardware logging

The hardware logging configuration is a global configuration that is shared by all of the NP7s and is available to all hyperscale firewall VDOMs.

From the GUI:

  1. Go to Log & Report > Hyperscale SPU Offload Log Settings.

  2. Set global log settings, add log servers and organize the log servers into log server groups.
  3. Select Apply to save your changes.

    Select Apply often as you are setting up hardware logging to make sure changes are not lost.

From the CLI:

config log npu-server

set log-processor {hardware | host}

set log-processing {may-drop | no-drop}

set netflow-ver {v9 | v10}

set enforce-seq-order {disable | enable}

set syslog-facility <facility>

set syslog-severity <severity>

config server-info

edit <index>

set vdom <name>

set ip-family {v4 | v6}

set log-transport {tcp | udp}

set ipv4-server <ipv4-address>

set ipv6-server <ipv6-address>

set source-port <port-number>

set dest-port <port-number>

set template-tx-timeout <timeout>

end

config server-group

edit <group-name>

set log-mode {per-session | per-nat-mapping | per-session-ending}

set log-format {netflow | syslog}

set log-tx-mode {roundrobin | multicast}

set sw-log-flags {tcp-udp-only | enable-all-log | disable-all-log}

set log-user-info {disable | enable}

set log-gen-event {disable | enable}

set server-number <number>

set server-start-id <number>

end

Configuring hardware logging

Configuring hardware logging

The hardware logging configuration is a global configuration that is shared by all of the NP7s and is available to all hyperscale firewall VDOMs.

From the GUI:

  1. Go to Log & Report > Hyperscale SPU Offload Log Settings.

  2. Set global log settings, add log servers and organize the log servers into log server groups.
  3. Select Apply to save your changes.

    Select Apply often as you are setting up hardware logging to make sure changes are not lost.

From the CLI:

config log npu-server

set log-processor {hardware | host}

set log-processing {may-drop | no-drop}

set netflow-ver {v9 | v10}

set enforce-seq-order {disable | enable}

set syslog-facility <facility>

set syslog-severity <severity>

config server-info

edit <index>

set vdom <name>

set ip-family {v4 | v6}

set log-transport {tcp | udp}

set ipv4-server <ipv4-address>

set ipv6-server <ipv6-address>

set source-port <port-number>

set dest-port <port-number>

set template-tx-timeout <timeout>

end

config server-group

edit <group-name>

set log-mode {per-session | per-nat-mapping | per-session-ending}

set log-format {netflow | syslog}

set log-tx-mode {roundrobin | multicast}

set sw-log-flags {tcp-udp-only | enable-all-log | disable-all-log}

set log-user-info {disable | enable}

set log-gen-event {disable | enable}

set server-number <number>

set server-start-id <number>

end