config log setting
Configure general log settings.
config log setting Description: Configure general log settings. set resolve-ip [enable|disable] set resolve-port [enable|disable] set log-user-in-upper [enable|disable] set fwpolicy-implicit-log [enable|disable] set fwpolicy6-implicit-log [enable|disable] set log-invalid-packet [enable|disable] set local-in-allow [enable|disable] set local-in-deny-unicast [enable|disable] set local-in-deny-broadcast [enable|disable] set local-out [enable|disable] set local-out-ioc-detection [enable|disable] set daemon-log [enable|disable] set neighbor-event [enable|disable] set brief-traffic-format [enable|disable] set user-anonymize [enable|disable] set expolicy-implicit-log [enable|disable] set log-policy-comment [enable|disable] set faz-override [enable|disable] set syslog-override [enable|disable] set rest-api-set [enable|disable] set rest-api-get [enable|disable] set custom-log-fields <field-id1>, <field-id2>, ... set anonymization-hash {string} end
config log setting
Parameter |
Description |
Type |
Size |
Default |
||||||
---|---|---|---|---|---|---|---|---|---|---|
resolve-ip |
Enable/disable adding resolved domain names to traffic logs if possible. |
option |
- |
disable |
||||||
|
|
|||||||||
resolve-port |
Enable/disable adding resolved service names to traffic logs. |
option |
- |
enable |
||||||
|
|
|||||||||
log-user-in-upper |
Enable/disable logs with user-in-upper. |
option |
- |
disable |
||||||
|
|
|||||||||
fwpolicy-implicit-log |
Enable/disable implicit firewall policy logging. |
option |
- |
disable |
||||||
|
|
|||||||||
fwpolicy6-implicit-log |
Enable/disable implicit firewall policy6 logging. |
option |
- |
disable |
||||||
|
|
|||||||||
log-invalid-packet |
Enable/disable invalid packet traffic logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-in-allow |
Enable/disable local-in-allow logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-in-deny-unicast |
Enable/disable local-in-deny-unicast logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-in-deny-broadcast |
Enable/disable local-in-deny-broadcast logging. |
option |
- |
disable |
||||||
|
|
|||||||||
local-out |
Enable/disable local-out logging. |
option |
- |
enable |
||||||
|
|
|||||||||
local-out-ioc-detection |
Enable/disable local-out traffic IoC detection. Requires local-out to be enabled. |
option |
- |
enable |
||||||
|
|
|||||||||
daemon-log |
Enable/disable daemon logging. |
option |
- |
disable |
||||||
|
|
|||||||||
neighbor-event |
Enable/disable neighbor event logging. |
option |
- |
disable |
||||||
|
|
|||||||||
brief-traffic-format |
Enable/disable brief format traffic logging. |
option |
- |
disable |
||||||
|
|
|||||||||
user-anonymize |
Enable/disable anonymizing user names in log messages. |
option |
- |
disable |
||||||
|
|
|||||||||
expolicy-implicit-log |
Enable/disable explicit proxy firewall implicit policy logging. |
option |
- |
disable |
||||||
|
|
|||||||||
log-policy-comment |
Enable/disable inserting policy comments into traffic logs. |
option |
- |
disable |
||||||
|
|
|||||||||
faz-override |
Enable/disable override FortiAnalyzer settings. |
option |
- |
disable |
||||||
|
|
|||||||||
syslog-override |
Enable/disable override Syslog settings. |
option |
- |
disable |
||||||
|
|
|||||||||
rest-api-set |
Enable/disable REST API POST/PUT/DELETE request logging. |
option |
- |
disable |
||||||
|
|
|||||||||
rest-api-get |
Enable/disable REST API GET request logging. |
option |
- |
disable |
||||||
|
|
|||||||||
custom-log-fields |
Custom fields to append to all log messages. Custom log field. |
string |
Maximum length: 35 |
|
||||||
anonymization-hash |
User name anonymization hash salt. |
string |
Maximum length: 32 |
|