Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiMail 7.2.6 CLI Reference
    7.2.6
    7.6.1
    7.6.0
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.0
    6.0.4
    6.0.3
    6.0.1
    6.0.0

    log setting cloud

    log setting cloud

    Use this command to configure storing log messages to the FortiAnalyzer Cloud.

    Syntax

    config log setting cloud

    set status {enable | disable}

    set loglevel {alert | critical | debug | emergency | error | information | notification | warning}

    set event-log-category {imap | pop3 | smtp | webmail}]

    set event-log-status {enable | disable}

    set syseventlog-category {admin | configuration | dns | ha | system | update}]

    set system-event-log-status {enable | disable}

    set antivirus-log-status {enable | disable}

    set antispam-log-status {enable | disable}

    set history-log-status {enable | disable}

    set encryption-log-status {enable | disable}

    end

    Variable

    Description

    Default

    status {enable | disable}

    Enable to send log types which are enabled to FortiAnalyzer Cloud.

    enable

    loglevel {alert | critical | debug | emergency | error | information | notification | warning}

    Enter one or more of the following severity levels:

    • emergency
    • alert
    • critical
    • error
    • warning
    • notification
    • information
    • debug

    This log destination will receive log messages greater than or equal to this severity level. For details, see the FortiMail Administration Guide.

    information

    event-log-category {imap | pop3 | smtp | webmail}]

    Enter all of the mail log types and subtypes that you want to record to this storage location. Separate each type with a space.

    • imap: Log all IMAP events.
    • pop3: Log all POP3 events.
    • smtp: Log all SMTP relay or proxy events.
    • webmail: Log all FortiMail webmail events.

    webmail stmp

    event-log-status {enable | disable}

    Enable or disable event logging to FortiAnalyzer Cloud.

    webmail smtp

    syseventlog-category {admin | configuration | dns | ha | system | update}]

    Enter all of the system event log types and subtypes that you want to record to this storage location. Separate each type with a space.

    • admin: Administrative events such as logins, viewing log messages, and resetting the configuration.
    • configuration: Configuration changes by an administrator, such as policies, profiles, and domains.
    • dns: DNS queries.
    • ha: High availability (HA) activity.
    • system: System events, such as rebooting the FortiMail unit or IP address configuration via DHCP. Note: This category does not include events from mail daemons, which are configured in event-log-category [{imap pop3 smtp webmail}].
    • update: Both successful and unsuccessful attempts to download firmware and FortiGuard updates.

    admin configuration dns ha system update

    system-event-log-status {enable | disable}

    Enable to log system events.

    enable

    antivirus-log-status {enable | disable}

    Enable to log all antivirus events.

    enable

    antispam-log-status {enable | disable}

    Enable to log all antispam events.

    enable

    history-log-status {enable | disable}

    Enable to log both successful and unsuccessful attempts by the built-in MTA or proxies to deliver email.

    enable

    encryption-log-status {enable | disable}

    Enable to log all IBE events.

    enable
    Previous
    Next

    log setting cloud

    log setting cloud

    Use this command to configure storing log messages to the FortiAnalyzer Cloud.

    Syntax

    config log setting cloud

    set status {enable | disable}

    set loglevel {alert | critical | debug | emergency | error | information | notification | warning}

    set event-log-category {imap | pop3 | smtp | webmail}]

    set event-log-status {enable | disable}

    set syseventlog-category {admin | configuration | dns | ha | system | update}]

    set system-event-log-status {enable | disable}

    set antivirus-log-status {enable | disable}

    set antispam-log-status {enable | disable}

    set history-log-status {enable | disable}

    set encryption-log-status {enable | disable}

    end

    Variable

    Description

    Default

    status {enable | disable}

    Enable to send log types which are enabled to FortiAnalyzer Cloud.

    enable

    loglevel {alert | critical | debug | emergency | error | information | notification | warning}

    Enter one or more of the following severity levels:

    • emergency
    • alert
    • critical
    • error
    • warning
    • notification
    • information
    • debug

    This log destination will receive log messages greater than or equal to this severity level. For details, see the FortiMail Administration Guide.

    information

    event-log-category {imap | pop3 | smtp | webmail}]

    Enter all of the mail log types and subtypes that you want to record to this storage location. Separate each type with a space.

    • imap: Log all IMAP events.
    • pop3: Log all POP3 events.
    • smtp: Log all SMTP relay or proxy events.
    • webmail: Log all FortiMail webmail events.

    webmail stmp

    event-log-status {enable | disable}

    Enable or disable event logging to FortiAnalyzer Cloud.

    webmail smtp

    syseventlog-category {admin | configuration | dns | ha | system | update}]

    Enter all of the system event log types and subtypes that you want to record to this storage location. Separate each type with a space.

    • admin: Administrative events such as logins, viewing log messages, and resetting the configuration.
    • configuration: Configuration changes by an administrator, such as policies, profiles, and domains.
    • dns: DNS queries.
    • ha: High availability (HA) activity.
    • system: System events, such as rebooting the FortiMail unit or IP address configuration via DHCP. Note: This category does not include events from mail daemons, which are configured in event-log-category [{imap pop3 smtp webmail}].
    • update: Both successful and unsuccessful attempts to download firmware and FortiGuard updates.

    admin configuration dns ha system update

    system-event-log-status {enable | disable}

    Enable to log system events.

    enable

    antivirus-log-status {enable | disable}

    Enable to log all antivirus events.

    enable

    antispam-log-status {enable | disable}

    Enable to log all antispam events.

    enable

    history-log-status {enable | disable}

    Enable to log both successful and unsuccessful attempts by the built-in MTA or proxies to deliver email.

    enable

    encryption-log-status {enable | disable}

    Enable to log all IBE events.

    enable
    Previous
    Next