Fortinet fortigate-200a Betriebsanweisung
352
01-28006-0072-20041105
Fortinet Inc.
Log config
Log & Report
Figure 180:Example alert email
For descriptions of log formats and specific log messages see the FortiGate Log
Message Reference Guide.
Message Reference Guide.
This chapter describes:
•
•
•
Log config
Use Log Config to configure log storage, alert emails and log filters.
This section describes:
•
•
•
•
•
Log Setting options
You can enable and configure the storing of log messages to one or more of the
following locations:
following locations:
.
From: admin@example.com
Sent: Tuesday, April 27, 2004 5:30 PM
To: example@test.com
Subject: Message meets Alert condition
Sent: Tuesday, April 27, 2004 5:30 PM
To: example@test.com
Subject: Message meets Alert condition
Message meets Alert condition
2004-04-27 13:28:52 device_id=APS3012803033139 log_id=0101023002
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode= stage=-112 dir=inbound status=success msg="Initiator: tunnel
172.16.81.1, transform=ESP_3DES, HMAC_SHA1"
Message meets Alert condition
2004-04-27 13:28:54 device_id=APS3012803033139 log_id=0101023004
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode=quick stage=2 dir=outbound status=success msg="Initiator: sent
172.16.81.1 quick mode message #2 (DONE)"
2004-04-27 13:28:52 device_id=APS3012803033139 log_id=0101023002
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode= stage=-112 dir=inbound status=success msg="Initiator: tunnel
172.16.81.1, transform=ESP_3DES, HMAC_SHA1"
Message meets Alert condition
2004-04-27 13:28:54 device_id=APS3012803033139 log_id=0101023004
type=event subtype=ipsec pri=notice loc_ip=172.16.81.2 loc_port=500
rem_ip=172.16.81.1 rem_port=500 out_if=dmz vpn_tunnel=ToDmz action=negotiate
init=local mode=quick stage=2 dir=outbound status=success msg="Initiator: sent
172.16.81.1 quick mode message #2 (DONE)"
FortiLog
A FortiLog unit. The FortiLog unit is a log analyzer and manager that can
combine the log information from various FortiGate units and other firewall
units. To enable content archiving with a firewall
, you need
to select the FortiLog option and define its IP address.