config : log disk
 
log disk
Use this command to enable and configure recording of log messages to the local hard disk.
 
Logging must be enabled for each individual log type before log messages will recorded to disk. See config log attack-log, config log event-log, and config log traffic-log for details.
You can use SNMP traps to notify you when disk space usage exceeds 80%. For details, see “config system snmp community”.
You can generate reports based upon log messages that you save to the local hard disk. For details, see “config log reports”.
Syntax
config log disk
set diskfull {nolog | overwrite}
set max-log-file-size <file-size_int>
set severity {alert | critical | debug | emergency | error | information | notification | warning}
set status {enable | disable}
end
Variable
Description
Default
status {enable | disable}
Enable to store log messages on the local hard disk. Log messages are stored only if logging is enabled for the individual log types using the config log attack-log, config log event-log, and config log traffic-log commands. Also configure severity, diskfull and max‑log‑file‑size.
enable
diskfull {nolog | overwrite}
Type what the FortiWeb appliance will do when the local disk is full and a new log message is caused, either:
nolog — Discard the new log message.
overwrite — Delete the oldest log file in order to free disk space, then store the new log message.
This field is available only if status is enable.
overwrite
max-log-file-size <file-size_int>
Type the maximum size in megabytes (MB) of the current log file.
When the log file reaches the maximum size the log file is rolled (that is, the current log file is saved to a file with a new name, and a new log file is started).
The valid range is between 100 and 200 MB.
This field is available only if status is enable.
100
severity {alert | critical | debug | emergency | error | information | notification | warning}
Select the severity level that a log message must meet or exceed in order to cause the FortiWeb appliance to record it.
information
Example
This example enables logging of event and attack logs and recording of the log messages to the local hard disk. Only the log messages with a severity of notification or higher are recorded. If all free space on the hard disk is consumed and a new log message is generated, the diskfull option determines that the FortiWeb will overwrite the oldest log message. The log messages are saved to a separated log file for each message type. Once the log file size reaches the 100 MB specified by max-log-file-size, the FortiWeb appliance saves the log file with a sequentially-numbered name and starts a new log.
config log event-log
set status enable
end
config log attack-log
set status enable
end
config log disk
set status enable
set severity notification
set diskfull overwrite
set max-log-file-size 100
end
Related topics
config log attack-log
config log event-log
config log traffic-log
config system snmp community
config log reports
execute formatlogdisk