Enabling security logging
There are two types of logging that relate to authentication — event logging, and security logging.
When enabled, event logging records system events such as configuration changes, and authentication. To configure event logging, go to Log&Report > Log Config > Log Settings and enable Event Logging. Select the events you want to log, such as User activity event.
When enabled, security logging will log UTM and security policy traffic.
You must enable logging within a security policy, as well as the options that are applied to a security policy, such as UTM features. Event logs are enabled within the Event Log page,
For more information on specific types of log messages, see the
FortiOS Log Message Reference.
| You need to set the logging severity level to Notification when configuring a logging location to record traffic log messages. |
To enable logging within an existing security policy - web-based manager
1. Go to Policy > Policy.
2. Expand to reveal the policy list of a policy.
3. Select the security policy you want to enable logging on and then select Edit.
4. To log all general firewall traffic, select the check box beside Log Allowed Traffic.
5. On the security policy’s page, select the check box beside UTM.
6. In UTM Security Profiles, select enable the UTM profiles that you want applied to the policy, then select the profile or sensor from the drop-down list as well.
7. Select OK.