Fortinet white logo
Fortinet white logo

CLI Reference

log event-log

log event-log

Use this command to configure recording of event log messages, and then use other commands to store those messages on the local FortiWeb disk, in local FortiWeb memory, or both. Use other commands to configure a traffic log and attack log.

You must enable disk and/or memory log storage and select log severity levels before FortiWeb will store any event logs.

To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For details, see Permissions.

Syntax

config log event-log

set status {enable | disable}

set cpu-high <percentage_int>

set mem-high <percentage_int>

set logdisk-high <percentage_int>

set trigger-policy "<trigger-policy_name>"

end

Variable Description Default

status {enable | disable}

Enable to record event log messages.

To select the destination and the severity threshold of the stored log messages, see log disk.

enable

cpu-high <percentage_int>

Enter a threshold level as a percentage beyond which CPU usage triggers an event log entry.

The valid range is 60–99.

60

mem-high <percentage_int>

Enter a threshold level as a percentage beyond which memory usage triggers an event log entry.

The valid range is 60–99.

60

logdisk-high <percentage_int>

Enter a threshold level as a percentage beyond which log disk usage triggers an event log entry.

The valid range is 60–99.

60

trigger-policy "<trigger-policy_name>"

Enter the name of the trigger to apply when the CPU, memory, log disk usage, or number of sessions meets or exceeds the threshold (see log trigger-policy). The maximum length is 63 characters.

To display the list of existing trigger policies, enter:

set trigger ?

No default.

Example

This example enables recording of event logs, enables disk log storage and memory log storage, and sets alert as the minimum severity level that a log message must achieve for storage.

config log disk

set status enable

set severity alert

end

config log event-log

set status enable

end

Related topics

log event-log

log event-log

Use this command to configure recording of event log messages, and then use other commands to store those messages on the local FortiWeb disk, in local FortiWeb memory, or both. Use other commands to configure a traffic log and attack log.

You must enable disk and/or memory log storage and select log severity levels before FortiWeb will store any event logs.

To use this command, your administrator account’s access control profile must have either w or rw permission to the loggrp area. For details, see Permissions.

Syntax

config log event-log

set status {enable | disable}

set cpu-high <percentage_int>

set mem-high <percentage_int>

set logdisk-high <percentage_int>

set trigger-policy "<trigger-policy_name>"

end

Variable Description Default

status {enable | disable}

Enable to record event log messages.

To select the destination and the severity threshold of the stored log messages, see log disk.

enable

cpu-high <percentage_int>

Enter a threshold level as a percentage beyond which CPU usage triggers an event log entry.

The valid range is 60–99.

60

mem-high <percentage_int>

Enter a threshold level as a percentage beyond which memory usage triggers an event log entry.

The valid range is 60–99.

60

logdisk-high <percentage_int>

Enter a threshold level as a percentage beyond which log disk usage triggers an event log entry.

The valid range is 60–99.

60

trigger-policy "<trigger-policy_name>"

Enter the name of the trigger to apply when the CPU, memory, log disk usage, or number of sessions meets or exceeds the threshold (see log trigger-policy). The maximum length is 63 characters.

To display the list of existing trigger policies, enter:

set trigger ?

No default.

Example

This example enables recording of event logs, enables disk log storage and memory log storage, and sets alert as the minimum severity level that a log message must achieve for storage.

config log disk

set status enable

set severity alert

end

config log event-log

set status enable

end

Related topics