Fortinet black logo

CLI Reference

log syslogd

log syslogd

Use this command to configure the FortiWeb appliance to send log messages to a Syslog server defined by log syslog-policy .

For improved performance, unless necessary, avoid logging highly frequent log types. While logs sent to your Syslog server do not persist in FortiWeb’s local RAM, FortiWeb still must use bandwidth and processing resources while sending the log message.

To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For details, see Permissions.

Syntax

config log syslogd

set status {enable | disable}

set facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | mail | ntp | user}

set severity {alert | critical | debug | emergency | error | information | notification | warning}

set policy "<syslogd-policy_name>"

end

Variable Description Default

status {enable | disable}

Enable to send log messages to the Syslog server defined by log syslog-policy. Also configure:

disable

facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | mail | ntp | user}

Enter the facility identifier that the FortiWeb appliance will use to identify itself when sending log messages to the first Syslog server.

To easily identify log messages from the FortiWeb appliance when they are stored on the Syslog server, enter a unique facility identifier, and verify that no other network devices use the same facility identifier.

local7

severity {alert | critical | debug | emergency | error | information | notification | warning}

Select the severity level that a log message must meet or exceed in order to cause the FortiWeb appliance to send it to the first Syslog server. information

policy "<syslogd-policy_name>"

If logging to a Syslog server is enabled, enter the name of a Syslog policy which describes the Syslog server to which the log message will be sent. The maximum length is 63 characters.

For details about on Syslog policies, see log syslog-policy.

No default.

Example

This example enables storage of log messages with the notification severity level and higher on the Syslog server. The network connections to the Syslog server are defined in Syslog_Policy1. The FortiWeb appliance uses the facility identifier local7 when sending log messages to the Syslog server to differentiate its own log messages from those of other network devices using the same Syslog server.

config log syslogd

set status enable

set severity notification

set facility local7

set policy "Syslog_Policy1"

end

log syslogd

Use this command to configure the FortiWeb appliance to send log messages to a Syslog server defined by log syslog-policy .

For improved performance, unless necessary, avoid logging highly frequent log types. While logs sent to your Syslog server do not persist in FortiWeb’s local RAM, FortiWeb still must use bandwidth and processing resources while sending the log message.

To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For details, see Permissions.

Syntax

config log syslogd

set status {enable | disable}

set facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | mail | ntp | user}

set severity {alert | critical | debug | emergency | error | information | notification | warning}

set policy "<syslogd-policy_name>"

end

Variable Description Default

status {enable | disable}

Enable to send log messages to the Syslog server defined by log syslog-policy. Also configure:

disable

facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | mail | ntp | user}

Enter the facility identifier that the FortiWeb appliance will use to identify itself when sending log messages to the first Syslog server.

To easily identify log messages from the FortiWeb appliance when they are stored on the Syslog server, enter a unique facility identifier, and verify that no other network devices use the same facility identifier.

local7

severity {alert | critical | debug | emergency | error | information | notification | warning}

Select the severity level that a log message must meet or exceed in order to cause the FortiWeb appliance to send it to the first Syslog server. information

policy "<syslogd-policy_name>"

If logging to a Syslog server is enabled, enter the name of a Syslog policy which describes the Syslog server to which the log message will be sent. The maximum length is 63 characters.

For details about on Syslog policies, see log syslog-policy.

No default.

Example

This example enables storage of log messages with the notification severity level and higher on the Syslog server. The network connections to the Syslog server are defined in Syslog_Policy1. The FortiWeb appliance uses the facility identifier local7 when sending log messages to the Syslog server to differentiate its own log messages from those of other network devices using the same Syslog server.

config log syslogd

set status enable

set severity notification

set facility local7

set policy "Syslog_Policy1"

end