ips : setting
 
setting
Use the IPS settings command to configure settings for IPS packet logging.
Syntax
config ips settings
set ips-packet-quota <MB_int>
set packet-log-history <packets_int>
set packet-log-memory <KB_int>
set packet-log-post-attack <packets_int>
end
Variable
Description
Default
ips-packet-quota <MB_int>
Enter the maximum amount of disk space to use for logged packets when logging to disk. The acceptable range is from 0 to 4294967295 megabytes. This command affects only logging to disk.
0
packet-log-history <packets_int>
Enter the number of packets to capture before and including the one in which the IPS signature is detected.
If the value is more than 1, the packet containing the signature is saved in the packet log, as well as those preceding it, with the total number of logged packets equalling the packet‑log‑history setting. For example, if packet‑log‑history is set to 7, the FortiGate unit will save the packet containing the IPS signature match and the six before it.
The acceptable range for packet-log-history is from 1 to 255. The default is 1.
Setting packet-log-history to a value larger than 1 can affect the performance of the FortiGate unit because network traffic must be buffered. The performance penalty depends on the model, the setting, and the traffic load.
1
packet-log-memory <KB_int>
Enter the maximum amount of memory to use for logged packets when logging to memory. The acceptable range is from 64 to 8192 kilobytes. This command affects only logging to memory.
256
packet-log-post-attack <packets_int>
Enter how many packets are logged after the one in which the IPS signature is detected. For example, if packet-log-post- attack is set to 10, the FortiGate unit will save the ten packets following the one containing the IPS signature match.
The acceptable range for packet-log-post-attack is from 0 to 255. The default is 0.
0