Monday, July 1, 2019

Enable traffic logs in Fortigate firewalls

Local traffic logs are disabled by default in fortigate firewalls. This logs can be enabled from console.

Check the following:
config  log  memory filter
get                               <<—lists all options


Make sure local-traffic logs are enabled. If not then:
set local-traffic enable
end

Enable "Log Allowed Traffic" and select "All Sessions" on the firewall policy.
Make sure you display logs from the correct location(GUI):
"Log & Report >> Log Settings >> GUI Preferences >> Memory/FortiCloud"