FortiGate Cloud – Logs

Logs

Logs offers more detailed log information, access to individual log data, and downloadable log files. You can select a category of logs to view from the list on the left.

You can select a time period to view data for:

- Last 60 minutes
- Last 24 hours
- Last 7 days
- Last 30 days
- Specified time period

You can set the chart’s refresh rate by selecting the Change Refresh Period icon. By using the Add Filter dropdown list, you can filter the log list by various factors. Selecting Column Setting allows you to customize the default log view. By selecting Log Files, you can see the raw log data files and manually download them. The box in the lower right allows you to move through pages of log data by clicking the arrows or entering a page number.

You can download various types of raw logs from FortiGate Cloud. The log filename format is as follows:

<FortiGate serial number>_<log type>_<beginning of log date range>-<time of first log>-<end of log date range>-<time of last log>.log.gz

The log filename format uses a shortened identifier for each log type:

Log type   Identifier
Traffic   tlog
Web Filter   wlog
Application Control   rlog
AntiSpam   slog
AntiVirus   vlog
DLP   dlog
Attack   alog
Anomaly   mlog
DNS   olog
Event (including all subtypes)   elog

For example, consider an Application Control log that is generated for the period between October 23, 2019 and November 2, 2019 for a FortiGate with the serial number “FGT123”. The first log in the file has a timestamp of 6:09 PM, while the last log in the file has a timestamp of 9:32 AM. The log file name is as follows:

FGT123_rlog_20191023-1809-20191101-0932.log.gz
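When triaging a folder of downloaded logs, the filename alone tells you which device, log type and time span each file covers. The following parser is an added example, not code from the guide or from Fortinet; it assumes the serial number is purely alphanumeric and that dates are YYYYMMDD with 24-hour HHMM times, as in the FGT123 filename above, and `parse_log_filename`, `files_covering` and `SAMPLE` are hypothetical names.

```python
import re
from datetime import datetime

# Identifier-to-log-type mapping, taken from the table on this page.
LOG_TYPES = {
    "tlog": "Traffic", "wlog": "Web Filter", "rlog": "Application Control",
    "slog": "AntiSpam", "vlog": "AntiVirus", "dlog": "DLP", "alog": "Attack",
    "mlog": "Anomaly", "olog": "DNS", "elog": "Event",
}

# Assumptions: alphanumeric serial number, YYYYMMDD dates, 24-hour HHMM times.
# Pass the bare filename, not a path.
NAME_RE = re.compile(
    r"^(?P<serial>[A-Za-z0-9]+)_(?P<ident>[a-z]log)_"
    r"(?P<d1>\d{8})-(?P<t1>\d{4})-(?P<d2>\d{8})-(?P<t2>\d{4})\.log\.gz$"
)

def parse_log_filename(name):
    """Return serial, log type and time span, or raise ValueError."""
    m = NAME_RE.match(name)
    if not m or m["ident"] not in LOG_TYPES:
        raise ValueError(f"not a FortiGate Cloud log filename: {name!r}")
    # strptime raises ValueError on impossible dates or times (e.g. month 13).
    first = datetime.strptime(m["d1"] + m["t1"], "%Y%m%d%H%M")
    last = datetime.strptime(m["d2"] + m["t2"], "%Y%m%d%H%M")
    if last < first:
        raise ValueError(f"last log precedes first log: {name!r}")
    return {"serial": m["serial"], "identifier": m["ident"],
            "log_type": LOG_TYPES[m["ident"]], "first": first, "last": last}

def files_covering(names, serial, log_type, when):
    """Names of files for one device and log type whose span includes `when`."""
    hits = []
    for name in names:
        try:
            info = parse_log_filename(name)
        except ValueError:
            continue  # skip files that do not follow the naming format
        if (info["serial"] == serial and info["log_type"] == log_type
                and info["first"] <= when <= info["last"]):
            hits.append(name)
    return hits

# Constructed sample listing; only the first name comes from this page.
SAMPLE = [
    "FGT123_rlog_20191023-1809-20191101-0932.log.gz",
    "FGT123_tlog_20191023-0000-20191024-2359.log.gz",
    "FGT123_rlog_20191101-0933-20191105-1200.log.gz",
    "notes.txt",
]
```

The timestamps in the filename carry no time zone, so confirm which zone they are in before correlating them with other evidence.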


About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
