Logging and Reporting : Configuring local log settings
Configuring local log settings
The local log is a datastore hosted on the FortiADC system.
Typically, you use the local log to capture information about system health and system administration activities. We recommend that you use local logging during evaluation and verification of your initial deployment, and then configure remote logging to send logs to a log management repository where they can be stored long term and analyzed using preferred analytic tools.
Local log disk settings are configurable. You can select a subset of system events, traffic, and security logs.
Before you begin:
You must have Read-Write permission for Log & Report settings.
To configure local log settings:
1. Go to Log & Report > Log Setting.
The configuration page displays the Local Log tab.
2. Complete the configuration as described in Table 98.
3. Save the configuration.
Table 98: Local logging configuration
Select to enable local logging.
File Size
Maximum disk space for a local log file. The default is 200 MB. When the current log file reaches this size, a new file is created.
Log Level
Select the lowest severity to log from the following choices:
Emergency—The system has become unstable.
Alert—Immediate action is required.
Critical—Functionality is affected.
Error—An error condition exists and functionality could be affected.
Warning—Functionality might be affected.
Notification—Information about normal events.
Information—General information about system operations.
Debug—Detailed information about the system that can be used to troubleshoot unexpected behavior.
For example, if you select Error, the system collects logs with level Error, Critical, Alert, and Emergency. If you select Alert, the system collects logs with level Alert and Emergency.
Disk Full
Select log behavior when the maximum disk space for local logs (30% of total disk space) is reached:
Overwrite—Continue logging. Overwrite the earliest logs.
No Log—Stop logging.
Select to enable logging for events.
Event Category
Select the types of events to collect in the local log:
Configuration—Configuration changes.
Admin—Administrator actions.
Application—Health check results.
System—System operations, warnings, and errors.
User—Authentication results logs.
Select to enable logging for traffic processed by the load balancing modules.
Traffic Category
SLB—Server Load Balancing logs.
GLB—Global Load Balancing logs.
Attack Logging
Select to enable logging for traffic processed by the security modules.
Security Category
DoS—SYN flood protection logs.
IP Reputation—IP Reputation logs.
WAF—WAF logs.
Geo—Geo IP blocking logs.