log : syslogd override-setting
 
syslogd override-setting
Use this command within a VDOM to override the global configuration created with the config log syslogd setting command. These settings configure the connection to a syslog server.
Syntax
config log syslogd override-setting
set override {enable | disable}
set status {enable | disable}
set csv {enable | disable}
set facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | lpr | mail | news | ntp | syslog | user | uucp}
set port <port_integer>
set reliable {disable | enable}
set server <address_ipv4 | fqdn>
set source-ip <address_ipv4>
end
Variable
Description
Default
override {enable | disable}
Enable to use the override settings below. Disable to use the global configuration created with the config log syslogd setting command.
disable
status {enable | disable}
Enter enable to enable logging to a remote syslog server.
disable
csv {enable | disable}
Enter enable to enable the FortiGate unit to produce the log in Comma Separated Value (CSV) format. If you do not enable CSV format the FortiGate unit produces plain text files.
disable
facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | lpr | mail | news | ntp | syslog | user | uucp}
Enter the facility type. facility identifies the source of the log message to syslog. You might want to change facility to distinguish log messages from different FortiGate units. Available facility types are:
alert: log alert
audit: log audit
auth: security/authorization messages
authpriv: security/authorization messages (private)
clock: clock daemon
cron: cron daemon performing scheduled commands
daemon: system daemons running background system processes
ftp: File Transfer Protocol (FTP) daemon
kernel: kernel messages
local0local7: reserved for local use
lpr: line printer subsystem
mail: email system
news: network news subsystem
ntp: Network Time Protocol (NTP) daemon
syslog: messages generated internally by the syslog daemon
local7
port <port_integer>
Enter the port number for communication with the syslog server.
514
reliable {disable | enable}
Enable reliable delivery of syslog messages to the syslog server. When enabled, the FortiGate unit implements the RAW profile of RFC 3195, sending log messages using TCP protocol.
disable
server <address_ipv4 | fqdn>
Enter the IP address of the syslog server that stores the logs.
No default.
source-ip <address_ipv4>
Enter source IP address for syslogd, syslog2 and syslog3
0.0.0.0