How to Configure Logging to Syslog Server in Fortigate Firewall

Logging to Syslog Server in Fortigate

This Post will help how to configure logging to the Syslog server in a FortiGate firewall. Configuring this is very simple. Log in to firewall CLI using Putty.

Take CLI of your firewall and enter the below commands to Configure logging to Syslog Server in Fortigate

config log syslogd setting

set csv {disable | enable}

set facility <facility_name>

set port <port_integer>

set reliable {disable | enable}

set server <ip_address>

set status {disable | enable}

end

You can disable individual features of your firewall which you do not want to logged on your Syslog server

config log syslogd filter

set local-traffic {enable | disable}

set severity {alert | critical | debug | emergency | error | information | notification | warning}

end

If you want to enable logging in multiple log server. please follow the below steps.

For logging in second Syslog server:

config log syslogd2 setting

set csv {disable | enable}

set facility <facility_name>

set port <port_integer>

set reliable {disable | enable}

set server <ip_address>

set status {disable | enable}

end

For logging in Third Syslog server:

config log syslogd3 setting

set csv {disable | enable}

set facility <facility_name>

set port <port_integer>

set reliable {disable | enable}

set server <ip_address>

set status {disable | enable}

end

You can check disk storage of your firewall by below commands.

diag sys logdisk usage

Output may like this

Total HD usage: 196MB/4011 MB

Total HD logging space: 42583MB

Total HD logging space for each vdom: 42583MB

HD logging space usage for vdom “root”: 30MB/22583MB

By Following above Steps you can configure Logging to Syslog Server in Fortigate

Others Article:

Reset FortiGate Password Firewall