Configuring rolling and uploading of logs
You can control device log file size and consumption of the FortiManager’s disk space by configuring log rolling and scheduled uploads to a server.
As the FortiManager unit receives new log items, it performs the following tasks:
verifies whether the log file has exceeded its file size limit
checks to see if it is time to roll the log file if the file size is not exceeded.
You can schedule the roll to occur daily or weekly, and set the time at which it occurs. When the current log file (tlog.log) reaches its maximum size, or the scheduled time arrives, the FortiManager unit rolls the active log file by renaming it. The file name will be in the form xlog.N.log (for example, tlog.1252929496.log), where x is a letter indicating the log type and N is a unique number corresponding to the time the first log entry was received. The file modification time will match the time when the last log was received in the log file.
Once the current log file is rolled into a numbered log file, it will not be changed. New logs will be stored in the new current log called tlog.log. If log uploading is enabled, once logs are uploaded to the remote server or downloaded via the Web-based Manager, they are in the following format:
FG3K6A3406600001-tlog.1252929496.log-2012-09-29-08-03-54.gz
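The naming scheme above can be checked on the server that receives the uploads. The following Python sketch is an added example, not Fortinet code: it parses uploaded file names into their fields and separates out names that do not fit the format. The pattern is inferred from the single example name on this page, N is assumed to be Unix epoch seconds, and the function names and sample listing are hypothetical.

```python
import re
from datetime import datetime, timezone

# Built from the single uploaded name shown above:
#   <device>-<x>log.<N>.log-<YYYY-MM-DD-HH-MM-SS>[.gz]
# Assumptions: alphanumeric device ID, one lowercase type letter, optional .gz.
UPLOADED = re.compile(
    r"(?P<device>[A-Za-z0-9]+)-(?P<type>[a-z])log\.(?P<n>\d{1,10})\.log-"
    r"(?P<stamp>\d{4}(?:-\d{2}){5})(?P<gz>\.gz)?"
)

def parse_uploaded_name(name):
    """Return the fields of an uploaded log file name, or None if it does not fit."""
    m = UPLOADED.fullmatch(name)
    if m is None:
        return None
    try:
        # The page does not say what the trailing timestamp records or its
        # time zone, so it stays a naive datetime.
        stamp = datetime.strptime(m.group("stamp"), "%Y-%m-%d-%H-%M-%S")
    except ValueError:
        return None  # right shape, but not a real date and time
    return {
        "device": m.group("device"),
        "log_type": m.group("type"),
        # Assumption: N is Unix epoch seconds of the first log entry.
        "first_entry": datetime.fromtimestamp(int(m.group("n")), tz=timezone.utc),
        "stamp": stamp,
        "gzip": m.group("gz") is not None,
    }

def triage(names):
    """Split a listing into parsed entries (oldest first per device) and rejects."""
    parsed, rejected = [], []
    for name in names:
        fields = parse_uploaded_name(name)
        (parsed if fields else rejected).append(fields or name)
    parsed.sort(key=lambda f: (f["device"], f["first_entry"]))
    return parsed, rejected

# Constructed listing: the first name is the page's example, the rest are made up.
SAMPLE = [
    "FG3K6A3406600001-tlog.1252929496.log-2012-09-29-08-03-54.gz",
    "FG3K6A3406600001-tlog.1252843096.log-2012-09-28-08-03-51.gz",
    "FG3K6A3406600001-tlog.1252929496.log-2012-13-29-08-03-54.gz",
    "notes.txt",
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Files that land in the rejected list are worth a look before they are ingested, since only the FortiManager unit should be writing to the upload directory.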
If you have enabled log uploading, you can choose to automatically delete the rolled log file after uploading, thereby freeing the amount of disk space used by rolled log files. If the log upload fails, such as when the FTP server is unavailable, the logs are uploaded during the next scheduled upload.
Log rolling and uploading can be enabled and configured in the Web-based Manager in System Settings > Advanced > Device Log Settings. Log rolling and uploading can also be enabled and configured using CLI commands. For more information, see the FortiManager v5.0 Patch Release 3 CLI Reference.
To enable or disable log file uploads
To enable log uploads:
config system log settings
config rolling-regular
set upload enable
set del-files {enable | disable}
set directory <string>
set file-size <integer>
set gzip-format {enable | disable}
set ip <server_ipv4>
set log-format {csv | native | text}
set password <string>
set server_type {ftp | scp | sftp}
set upload-hour <integer>
set upload-trigger {on-roll | on-schedule}
set username <string>
set when {daily | none | weekly}
end
end
where:
del-files {enable | disable}
Delete the log files from the FortiManager hard disk once uploading is complete. Select to enable or disable this feature.
directory <string>
The directory on the upload server where the FortiManager unit stores the uploaded logs. The maximum length is 128 characters.
file-size <integer>
Roll log files when they reach this size (MB).
gzip-format {enable | disable}
Compress the log files using the gzip format. Select to enable or disable gzip format.
ip <server_ipv4>
The upload server’s IPv4 address.
log-format {csv | native | text}
The format of the uploaded log files:
csv: CSV (comma-separated value) format
native: Native format (text or compact)
text: Text format (convert if necessary)
server_type {ftp | scp | sftp}
The type of upload server. Select one of: ftp, scp, or sftp.
upload-hour <integer>
The hour that the log files are uploaded. The default is zero. Enter the number, without minutes, in the 24-hour format.
upload-trigger {on-roll | on-schedule}
The type of trigger that will upload log files.
on-roll will upload log files whenever they roll.
on-schedule will upload log files on a scheduled basis.
username <string>
The upload server user name. The maximum length is 36 characters.
password <string>
The upload server password.
when {daily | none | weekly}
Select when to roll log files. Select daily, weekly, or none.
To disable log uploads:
config system log settings
config rolling-regular
set upload disable
end
end
To roll logs when they reach a specific size
Enter the following:
config system log settings
config rolling-regular
set file-size <integer>
end
end
where <integer> is the size at which the logs will roll, in MB.
To roll logs on a schedule:
To disable log rolling:
config system log settings
config rolling-regular
set when none
end
end
To enable daily log rolling:
config system log settings
config rolling-regular
set when daily
set hour <integer>
set min <integer>
end
end
where:
hour <integer>
The hour of the day when the FortiManager rolls the traffic analyzer logs.
min <integer>
The minute when the FortiManager rolls the traffic analyzer logs.
To enable weekly log rolling:
config system log settings
config rolling-regular
set when weekly
set days {mon | tue | wed | thu | fri | sat | sun}
set hour <integer>
set min <integer>
end
end
where:
days {mon | tue | wed | thu | fri | sat | sun}
The days of the week when the FortiManager rolls the traffic analyzer logs.
hour <integer>
The hour of the day when the FortiManager rolls the traffic analyzer logs.
min <integer>
The minute when the FortiManager rolls the traffic analyzer logs.