For improved performance, unless necessary, avoid logging highly frequent log types. While logs sent to your Syslog server do not persist in FortiWeb’s local RAM, FortiWeb still must use bandwidth and processing resources while sending the log message. |
Variable | Description | Default |
status {enable | disable} | Enable to send log messages to the Syslog server defined by config log syslog-policy. Also configure facility, policy and severity. | disable |
facility {alert | audit | auth | authpriv | clock | cron | daemon | ftp | kernel | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | mail | ntp | user} | Type the facility identifier that the FortiWeb appliance will use to identify itself when sending log messages to the first Syslog server. To easily identify log messages from the FortiWeb appliance when they are stored on the Syslog server, enter a unique facility identifier, and verify that no other network devices use the same facility identifier. | local7 |
severity {alert | critical | debug | emergency | error | information | notification | warning} | Select the severity level that a log message must meet or exceed in order to cause the FortiWeb appliance to send it to the first Syslog server. | information |
policy <syslogd-policy_name> | If logging to a Syslog server is enabled, type the name of a Syslog policy which describes the Syslog server to which the log message will be sent. The maximum length is 35 characters. For more information on Syslog policies, see “config log syslog-policy”. | No default. |