Hi,
Do anyone have some input relating to logs and what to log. Comming from a different vendor I am fairly used to the basick accept/drop, and if I need more than that I will do a packet capture.
I see in my fortianalyzer that I get tons of "closed" and sometimes cant see "accepts".
Is there some issues with logging the accepts, is it related to the "start logging when session begins" option ? And does this behave different on different types of fortigates ? I cant wrap my head around it.
I would like to have an global optin set so all session that i enable log on will show me either block or accept. And just have the whole "closed" stuff removed.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.