Fortinet black logo

CLI Reference

log disk

log disk

Use this command to enable and configure recording of log messages to the local hard disk.

Logging must be enabled for each individual log type before log messages are recorded to disk. For details, see log attack-log, log event-log, and log traffic-log for details.

Each log file can have at most 51,200 logs, and each log size is limited to 4k; thus, each log file size is limited to 200M.

You can use SNMP traps to notify you when disk space usage exceeds 80%. For details, see system snmp community.

You can generate reports based on log messages that you save to the local hard disk. For details, see log reports.

Syntax

config log disk

set diskfull overwrite

set severity {alert | critical | debug | emergency | error | information | notification | warning}

set status {enable | disable}

set log-used-disk <log-used-disk_int>

end

Variable Description Default

status {enable | disable}

Enable to store log messages on the local hard disk. Log messages are stored only if logging is enabled for the individual log types using log attack-log, log event-log, and log traffic-log. Also configure diskfull overwrite and severity {alert | critical | debug | emergency | error | information | notification | warning}.

enable

diskfull overwrite

Select overwrite to delete the oldest log file in order to free disk space, and then store the new log message.

This field is available only if status {enable | disable} is enable.

overwrite

severity {alert | critical | debug | emergency | error | information | notification | warning}

Select the severity level that a log message must meet or exceed in order to cause the FortiWeb appliance to record it. information

log-used-disk <log-used-disk_int>

This field is unique for Docker platform. Enter the log disk size. The valid range is 10–500 G. 10 G

Example

This example enables logging of event and attack logs and recording of the log messages to the local hard disk. Only the log messages with a severity of notification or higher are recorded. If all free space on the hard disk is consumed and a new log message is generated, the diskfull option determines that the FortiWeb will overwrite the oldest log message. The log messages are saved to a separated log file for each message type.

config log disk

set status enable

set severity notification

set diskfull overwrite

end

Related topics

log disk

Use this command to enable and configure recording of log messages to the local hard disk.

Logging must be enabled for each individual log type before log messages are recorded to disk. For details, see log attack-log, log event-log, and log traffic-log for details.

Each log file can have at most 51,200 logs, and each log size is limited to 4k; thus, each log file size is limited to 200M.

You can use SNMP traps to notify you when disk space usage exceeds 80%. For details, see system snmp community.

You can generate reports based on log messages that you save to the local hard disk. For details, see log reports.

Syntax

config log disk

set diskfull overwrite

set severity {alert | critical | debug | emergency | error | information | notification | warning}

set status {enable | disable}

set log-used-disk <log-used-disk_int>

end

Variable Description Default

status {enable | disable}

Enable to store log messages on the local hard disk. Log messages are stored only if logging is enabled for the individual log types using log attack-log, log event-log, and log traffic-log. Also configure diskfull overwrite and severity {alert | critical | debug | emergency | error | information | notification | warning}.

enable

diskfull overwrite

Select overwrite to delete the oldest log file in order to free disk space, and then store the new log message.

This field is available only if status {enable | disable} is enable.

overwrite

severity {alert | critical | debug | emergency | error | information | notification | warning}

Select the severity level that a log message must meet or exceed in order to cause the FortiWeb appliance to record it. information

log-used-disk <log-used-disk_int>

This field is unique for Docker platform. Enter the log disk size. The valid range is 10–500 G. 10 G

Example

This example enables logging of event and attack logs and recording of the log messages to the local hard disk. Only the log messages with a severity of notification or higher are recorded. If all free space on the hard disk is consumed and a new log message is generated, the diskfull option determines that the FortiWeb will overwrite the oldest log message. The log messages are saved to a separated log file for each message type.

config log disk

set status enable

set severity notification

set diskfull overwrite

end

Related topics