256 Fortinet Inc.
Searching logs Logging and reporting
Searching logs
Use the following procedure to search log messages saved in system memory:
1 Go to Log&Report > Logging.
2 Select Event Log, Attack Log, Antivirus Log, Web Filter Log, or Email Filter Log.
3 Select to search the messages in the selected log.
4 Select AND to search for messages that match all the specified search criteria.
5 Select OR to search for messages that match one or more of the specified search
criteria.
6 Select one or more of the following search criteria:
7 Select OK to run the search.
The web-based manager displays the messages that match the search criteria. You
can scroll through the messages or run another search.
Configuring alert email
You can configure the FortiGate unit to send alert email to up to three email addresses
when there are virus incidents, block incidents, network intrusions, and other firewall
or VPN events or violations. After you set up the email addresses, you can test the
settings by sending test email.
• Adding alert email addresses
• Testing alert email
• Enabling alert email
Adding alert email addresses
Because the FortiGate unit uses the SMTP server name to connect to the mail server,
it must be able to look up this name on your DNS server. Therefore, before configuring
alert email ensure that you have configured at least one DNS server.
To add a DNS server
1 Go to System > Network > DNS.
2 If they have not already been added, add the primary and secondary DNS server
addresses provided to you by your ISP.
3 Select Apply.
To add alert email addresses
1 Go to Log&Report > Alert Mail > Configuration.
2 Select Authentication if your email server requires an SMTP password.
Keyword To search for any text in a log message. Keyword searching is
case-sensitive.
Time To search log messages created during the selected year, month, day, and
hour.
Note: After running a search, to display all log messages again, run another search but leave all
the search fields blank.