Logging and Reporting (5.6.1)

New logging and reporting features added to FortiOS 5.6.1.

Usability Updates to Reports Page (383684)

The Reports page has been updated in 5.6.1, to include both FortiCloud and Local Reports in a single location. Configuring of report schedules is also available on this page. The page will display whichever format is enabled, or allow switching between both if both Local and FortiCloud are in use.

Interface Categories (srcintfrole, etc) added to log data (434188)

In 5.6, logs and FortiView both sort log traffic into two interface categories: “Traffic from LAN/DMZ”, and “Traffic from WAN.” For greater compatibility and troubleshooting of FortiAnalyzer and FortiCloud setups, interface category fields that expose this information have been added to general log data in 5.6.1: srcintfrole and dstintfrole for better backend control and monitoring.

Individual FAZ log settings for SLBC Cluster Blades (382942/424076)

Individual SLBC Cluster Blades can now be enabled to have its own specific FortiAnalyzer log settings, rather than auto-syncing with all other blades in the cluster. This allows for multi-FAZ setups and collector-analyzer architectures, to deal with high logging volume. Entries in the command config system objectnsyncdetermine which settings are not synced from the blade. Settings are available to specify VDOMs that will or will not sync.