Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

FortiView from disk

FortiView from disk is available on all FortiGates with an SSD disk.

Restrictions

Model

Supported view

Desktop models (100 series) with SSD

Five minutes and one hour

Medium models with SSD

Up to 24 hours

Large models (1500D and above) with SSD

Up to seven days

To enable seven days view:

config log setting
    set fortiview-weekly-data enable
end

Configuration

A firewall policy needs to be in place with traffic logging enabled. For optimal operation with FortiView, internal interface roles should be clearly defined as LAN. DMZ and internet facing or external interface roles should be defined as WAN.

To configure logging to disk:

config log disk setting

set status enable

end

To include sniffer traffic and local-deny traffic when FortiView from Disk:

config report setting

set report-source forward-traffic sniffer-traffic local-deny-traffic

end

This feature is only supported through the CLI.

Troubleshooting

Use execute report flush-cache and execute report recreate-db to clear up any irregularities that may be caused by upgrading or cache issues.

Traffic logs

To view traffic logs from disk:
  1. Go to Log & Report, and select either the Forward Traffic, Local Traffic, or Sniffer Traffic views.
  2. In the top menu bar, click Log location and select Disk.

FortiView from disk

FortiView from disk is available on all FortiGates with an SSD disk.

Restrictions

Model

Supported view

Desktop models (100 series) with SSD

Five minutes and one hour

Medium models with SSD

Up to 24 hours

Large models (1500D and above) with SSD

Up to seven days

To enable seven days view:

config log setting
    set fortiview-weekly-data enable
end

Configuration

A firewall policy needs to be in place with traffic logging enabled. For optimal operation with FortiView, internal interface roles should be clearly defined as LAN. DMZ and internet facing or external interface roles should be defined as WAN.

To configure logging to disk:

config log disk setting

set status enable

end

To include sniffer traffic and local-deny traffic when FortiView from Disk:

config report setting

set report-source forward-traffic sniffer-traffic local-deny-traffic

end

This feature is only supported through the CLI.

Troubleshooting

Use execute report flush-cache and execute report recreate-db to clear up any irregularities that may be caused by upgrading or cache issues.

Traffic logs

To view traffic logs from disk:
  1. Go to Log & Report, and select either the Forward Traffic, Local Traffic, or Sniffer Traffic views.
  2. In the top menu bar, click Log location and select Disk.