Fortinet white logo
Fortinet white logo

CLI Reference

config log syslogd override-setting

config log syslogd override-setting

Override settings for remote syslog server.

config log syslogd override-setting
    Description: Override settings for remote syslog server.
    set status [enable|disable]
    set server {string}
    set mode [udp|legacy-reliable|...]
    set port {integer}
    set facility [kernel|user|...]
    set source-ip {string}
    set format [default|csv|...]
    set priority [default|low]
    set max-log-rate {integer}
    set enc-algorithm [high-medium|high|...]
    set ssl-min-proto-version [default|SSLv3|...]
    set certificate {string}
    config custom-field-name
        Description: Custom field name for CEF format logging.
        edit <id>
            set name {string}
            set custom {string}
        next
    end
    set interface-select-method [auto|specify]
    set interface {string}
    config log-templates
        Description: Custom log templates.
        edit <id>
            set category [traffic|event|...]
            set empty-value-indicator {string}
            set template {string}
        next
    end
end

config log syslogd override-setting

Parameter

Description

Type

Size

Default

status

Enable/disable remote syslog logging.

option

-

disable

Option

Description

enable

Log to remote syslog server.

disable

Do not log to remote syslog server.

server

Address of remote syslog server.

string

Maximum length: 127

mode

Remote syslog logging over UDP/Reliable TCP.

option

-

udp

Option

Description

udp

Enable syslogging over UDP.

legacy-reliable

Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog).

reliable

Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP).

port

Server listen port.

integer

Minimum value: 0 Maximum value: 65535

514

facility

Remote syslog facility.

option

-

local7

Option

Description

kernel

Kernel messages.

user

Random user-level messages.

mail

Mail system.

daemon

System daemons.

auth

Security/authorization messages.

syslog

Messages generated internally by syslog.

lpr

Line printer subsystem.

news

Network news subsystem.

uucp

Network news subsystem.

cron

Clock daemon.

authpriv

Security/authorization messages (private).

ftp

FTP daemon.

ntp

NTP daemon.

audit

Log audit.

alert

Log alert.

clock

Clock daemon.

local0

Reserved for local use.

local1

Reserved for local use.

local2

Reserved for local use.

local3

Reserved for local use.

local4

Reserved for local use.

local5

Reserved for local use.

local6

Reserved for local use.

local7

Reserved for local use.

source-ip

Source IP address of syslog.

string

Maximum length: 63

format

Log format.

option

-

default

Option

Description

default

Syslog format.

csv

CSV (Comma Separated Values) format.

cef

CEF (Common Event Format) format.

rfc5424

Syslog RFC5424 format.

json

JSON (JavaScript Object Notation) format.

custom

Custom format.

priority

Set log transmission priority.

option

-

default

Option

Description

default

Set Syslog transmission priority to default.

low

Set Syslog transmission priority to low.

max-log-rate

Syslog maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

0

enc-algorithm

Enable/disable reliable syslogging with TLS encryption.

option

-

disable

Option

Description

high-medium

SSL communication with high and medium encryption algorithms.

high

SSL communication with high encryption algorithms.

low

SSL communication with low encryption algorithms.

disable

Disable SSL communication.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections.

option

-

default

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

TLSv1-3

TLSv1.3.

certificate

Certificate used to communicate with Syslog server.

string

Maximum length: 35

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

auto

Option

Description

auto

Set outgoing interface automatically.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15

config custom-field-name

Parameter

Description

Type

Size

Default

id

Entry ID.

integer

Minimum value: 0 Maximum value: 255

0

name

Field name [A-Za-z0-9_].

string

Maximum length: 35

custom

Field custom name [A-Za-z0-9_].

string

Maximum length: 35

config log-templates

Parameter

Description

Type

Size

Default

id

Entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

category

Log category.

option

-

traffic

Option

Description

traffic

Traffic log.

event

Event log.

virus

Antivirus log.

webfilter

Web filter log.

attack

Attack log.

spam

Antispam log.

anomaly

Anomaly log.

voip

VoIP log.

dlp

DLP log.

app-ctrl

Application control log.

waf

Web application firewall log.

dns

DNS detail log.

ssh

SSH log.

ssl

SSL log.

file-filter

File filter log.

icap

ICAP log.

virtual-patch

Virtual patch log.

empty-value-indicator

A character to indicate log field is empty.

string

Maximum length: 1

template

Log template string.

string

Maximum length: 2047

config log syslogd override-setting

config log syslogd override-setting

Override settings for remote syslog server.

config log syslogd override-setting
    Description: Override settings for remote syslog server.
    set status [enable|disable]
    set server {string}
    set mode [udp|legacy-reliable|...]
    set port {integer}
    set facility [kernel|user|...]
    set source-ip {string}
    set format [default|csv|...]
    set priority [default|low]
    set max-log-rate {integer}
    set enc-algorithm [high-medium|high|...]
    set ssl-min-proto-version [default|SSLv3|...]
    set certificate {string}
    config custom-field-name
        Description: Custom field name for CEF format logging.
        edit <id>
            set name {string}
            set custom {string}
        next
    end
    set interface-select-method [auto|specify]
    set interface {string}
    config log-templates
        Description: Custom log templates.
        edit <id>
            set category [traffic|event|...]
            set empty-value-indicator {string}
            set template {string}
        next
    end
end

config log syslogd override-setting

Parameter

Description

Type

Size

Default

status

Enable/disable remote syslog logging.

option

-

disable

Option

Description

enable

Log to remote syslog server.

disable

Do not log to remote syslog server.

server

Address of remote syslog server.

string

Maximum length: 127

mode

Remote syslog logging over UDP/Reliable TCP.

option

-

udp

Option

Description

udp

Enable syslogging over UDP.

legacy-reliable

Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog).

reliable

Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP).

port

Server listen port.

integer

Minimum value: 0 Maximum value: 65535

514

facility

Remote syslog facility.

option

-

local7

Option

Description

kernel

Kernel messages.

user

Random user-level messages.

mail

Mail system.

daemon

System daemons.

auth

Security/authorization messages.

syslog

Messages generated internally by syslog.

lpr

Line printer subsystem.

news

Network news subsystem.

uucp

Network news subsystem.

cron

Clock daemon.

authpriv

Security/authorization messages (private).

ftp

FTP daemon.

ntp

NTP daemon.

audit

Log audit.

alert

Log alert.

clock

Clock daemon.

local0

Reserved for local use.

local1

Reserved for local use.

local2

Reserved for local use.

local3

Reserved for local use.

local4

Reserved for local use.

local5

Reserved for local use.

local6

Reserved for local use.

local7

Reserved for local use.

source-ip

Source IP address of syslog.

string

Maximum length: 63

format

Log format.

option

-

default

Option

Description

default

Syslog format.

csv

CSV (Comma Separated Values) format.

cef

CEF (Common Event Format) format.

rfc5424

Syslog RFC5424 format.

json

JSON (JavaScript Object Notation) format.

custom

Custom format.

priority

Set log transmission priority.

option

-

default

Option

Description

default

Set Syslog transmission priority to default.

low

Set Syslog transmission priority to low.

max-log-rate

Syslog maximum log rate in MBps (0 = unlimited).

integer

Minimum value: 0 Maximum value: 100000

0

enc-algorithm

Enable/disable reliable syslogging with TLS encryption.

option

-

disable

Option

Description

high-medium

SSL communication with high and medium encryption algorithms.

high

SSL communication with high encryption algorithms.

low

SSL communication with low encryption algorithms.

disable

Disable SSL communication.

ssl-min-proto-version

Minimum supported protocol version for SSL/TLS connections.

option

-

default

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

TLSv1-3

TLSv1.3.

certificate

Certificate used to communicate with Syslog server.

string

Maximum length: 35

interface-select-method

Specify how to select outgoing interface to reach server.

option

-

auto

Option

Description

auto

Set outgoing interface automatically.

specify

Set outgoing interface manually.

interface

Specify outgoing interface to reach server.

string

Maximum length: 15

config custom-field-name

Parameter

Description

Type

Size

Default

id

Entry ID.

integer

Minimum value: 0 Maximum value: 255

0

name

Field name [A-Za-z0-9_].

string

Maximum length: 35

custom

Field custom name [A-Za-z0-9_].

string

Maximum length: 35

config log-templates

Parameter

Description

Type

Size

Default

id

Entry ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

category

Log category.

option

-

traffic

Option

Description

traffic

Traffic log.

event

Event log.

virus

Antivirus log.

webfilter

Web filter log.

attack

Attack log.

spam

Antispam log.

anomaly

Anomaly log.

voip

VoIP log.

dlp

DLP log.

app-ctrl

Application control log.

waf

Web application firewall log.

dns

DNS detail log.

ssh

SSH log.

ssl

SSL log.

file-filter

File filter log.

icap

ICAP log.

virtual-patch

Virtual patch log.

empty-value-indicator

A character to indicate log field is empty.

string

Maximum length: 1

template

Log template string.

string

Maximum length: 2047