Fortinet black logo

Log Message Reference

Home FortiProxy 7.2.4 Log Message Reference
7.2.4
7.4.4
7.4.2
7.4.0
7.2.10
7.2.6
7.2.4
7.2.3
7.0.17
7.0.12
7.0.10

Enabling extended logging

Enabling extended logging

You can enable extended logging for the following UTM profiles:

  • antivirus
  • application
  • dlp
  • ips
  • waf
  • webfilter

When you enable the extended-log option for UTM profiles, all HTTP header information for HTTP-deny traffic is logged.

When you enable the web-extended-all-action-log-enable option for webfilter profile, all HTTP header information for HTTP-allow traffic is logged.

Extended logging option in UTM profiles

The extended-log option has been added to all UTM profiles, for example:

# webfilter profile

config webfilter profile

edit "test-webfilter"

set extended-log enable

set web-extended-all-action-log enable

next

end

# av profile

config antivirus profile

edit "av-proxy-test"

set extended-log enable

next

end

# waf profile

config waf profile

edit "test-waf"

set extended-log enable

next

end

Syslog server mode

The Syslog server mode changed to udp, reliable, and legacy-reliable. You must set the mode to reliable to support extended logging, for example:

config log syslogd setting

set status enable

set server "<ip address>"

set mode reliable

set facility local6

end

Previous
Next

Enabling extended logging

You can enable extended logging for the following UTM profiles:

  • antivirus
  • application
  • dlp
  • ips
  • waf
  • webfilter

When you enable the extended-log option for UTM profiles, all HTTP header information for HTTP-deny traffic is logged.

When you enable the web-extended-all-action-log-enable option for webfilter profile, all HTTP header information for HTTP-allow traffic is logged.

Extended logging option in UTM profiles

The extended-log option has been added to all UTM profiles, for example:

# webfilter profile

config webfilter profile

edit "test-webfilter"

set extended-log enable

set web-extended-all-action-log enable

next

end

# av profile

config antivirus profile

edit "av-proxy-test"

set extended-log enable

next

end

# waf profile

config waf profile

edit "test-waf"

set extended-log enable

next

end

Syslog server mode

The Syslog server mode changed to udp, reliable, and legacy-reliable. You must set the mode to reliable to support extended logging, for example:

config log syslogd setting

set status enable

set server "<ip address>"

set mode reliable

set facility local6

end

Previous
Next