Monitoring your system : Logging : Configuring logging
Configuring logging
You can configure the FortiADC appliance to store log messages either locally (that is, in RAM or to the hard disk) and or remotely (that is, on a Syslog server or FortiAnalyzer appliance). Your choice of storage location may be affected by several factors, including the following.
Logging only locally may not satisfy your requirements for off-site log storage.
Very frequent logging may cause undue wear when stored on the local hard drive. A low severity threshold is one possible cause of frequent logging. For more information on severity levels, see “Log severity levels”.
Very frequent logging, such as when the severity level is low, may rapidly consume all available log space when stored in memory. If the available space is consumed, and if the FortiADC appliance is configured to do so, it may store any new log message by overwriting the oldest log message. For high traffic volumes, this may occur so rapidly that you cannot view old log messages before they are replaced.
Usually, fewer log messages can be stored in memory. Logging to a Syslog server or FortiAnalyzer appliance may provide you with additional log storage space.
For information on viewing locally stored log messages, see “Viewing log messages”.
To configure logging
1. If you will store logs remotely, configure connectivity information such as the IP address. See “Logging to a FortiAnalyzer or Syslog server”.
2. Enable logging for each type that you want to record to those local or remote destinations. See “Enabling traffic & event logs”.
3. Monitor your log messages via the web UI or through alert email for events that require action from network administrators. See “Viewing log messages” and “Alert email”. Configure reports that are derived from log data to review trends in your network. See “Reports”.
Logs stored remotely cannot be viewed from the FortiADC web UI. If you require the ability to view logs from the web UI, also enable local storage. For details, see “Enabling traffic & event logs”.