Setting name | Description |
Log file size | Type the file size limit of the current log file in megabytes (MB). The log file size limit must be between 1 MB and 1000 MB. Note: Large log files may decrease display and search performance. |
Log time | Type the time (in days) of the file age limit. If the log is older than this limit, even if has not exceeded the maximum file size, a new current log file will be started. Valid range is between 1 and 366 days. |
At hour | Select the hour of the day (24-hour format) when the file rotation should start. When a log file reaches either the age or size limit, the FortiRecorder appliance rotates the current log file: that is, it renames the current log file (elog.log) with a file name indicating its sequential relationship to other log files of that type (elog2.log, and so on), then creates a new current log file. For example, if you set the log time to 10 days at hour 23, the log file will be rotated at 23 o’clock of the 10th day. |
Log level | Select the severity level that a log message must equal or exceed in order to be recorded to this storage location. For information about severity levels, see “Log severity levels”. Caution: Avoid recording log messages using low severity thresholds such as Information or Notification to the local hard disk for an extended period of time. A low log severity threshold is one possible cause of frequent logging. Excessive logging frequency can cause undue wear on the hard disk and may cause premature failure. |
Log options when disk is full | Select what the FortiRecorder will do when the local disk is full and a new log message is caused, either: • Do not log — Discard all new log messages. • Overwrite — Delete the oldest log file in order to free disk space, and store the new log message. |
Logging Policy Configuration | Select what type of NVR events and camera events you want to log. |
Setting name | Description |
IP | Type the IP address of a Syslog server or FortiAnalyzer. |
Port | Type the UDP port number on which the Syslog server listens for log messages. The default is 514. |
Level | Select the severity level that a log message must equal or exceed in order to be recorded to this storage location. For information about severity levels, see “Log severity levels”. Caution: Avoid recording log messages using low severity thresholds such as Information or Notification to the local hard disk for an extended period of time. A low log severity threshold is one possible cause of frequent logging. Excessive logging frequency can cause undue wear on the hard disk and may cause premature failure. |
Facility | Select the facility identifier the FortiRecorder will use to identify itself to the Syslog server if it receives logs from multiple devices. To easily identify log messages from the FortiRecorder when they are stored on a remote logging server, enter a unique facility identifier, and verify that no other network devices use the same facility identifier. |
CSV format | Enable if your Syslog server requires comma-separated values (CSV). Note: Do not enable this option if the remote host is a FortiAnalyzer. FortiAnalyzer does not support CSV-formatted log messages. |
Logging Policy Configuration | Select what type of NVR events and camera events you want to log. |
If you will be sending logs to a FortiAnalyzer appliance, you must add the FortiRecorder NVR to the FortiAnalyzer’s device list, and allocate enough disk space. Otherwise, depending on its configuration for unknown devices, FortiAnalyzer may ignore the logs. When the allocated disk space is full, it may drop subsequent logs. |