Testing sending logs to the log device
After modifying both the settings and the FortiGate features for logging, you can test that the modified settings are working properly. This test is done in the CLI.
To test sending logs to the log device
1. In the CLI, enter the following command syntax:
diag log test
When you enter the command, the following appears:
generating a system event message with level - warning
generating an infected virus message with level - warning
generating a blocked virus message with level - warning
generating a URL block message with level - warning
generating a DLP message with level - warning
generating an attack detection message with level - warning
generating an application control IM message with level - information
generating an antispam message with level - notification
generating an allowed traffic message with level - notice
generating a multicast traffic message with level - notice
generating a ipv6 traffic message with level - notice
generating a wanopt traffic log message with level - notification
generating a HA event message with level - warning
generating netscan log messages with level - notice
generating a VOIP event message with level - information
generating a DNS event message with level - information
generating authentication event messages
generating a Forticlient message with level - information
generating a NAC QUARANTINE message with level - information
generating a URL block message with level - warning
2. In the web-based manager, go to Log & Report > Event Log > User, and view the logs to see the recently generated test log messages.
You will be able to tell the test log messages from real log messages because they do not have “real” information; for example, the test log messages for the vulnerability scan contain the destination IP address of 1.1.1.1 or 2.2.2.2. If you have disabled certain logs that are logged to the SQL log database, the following will appear in red at the top of the Log Table: ‘Warning: SQL Logging is not enabled.’