Log traffic options for IPv4 Policy

Author
alex.d
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/12 00:06:08
  • Status: offline
2019/09/12 00:34:29 (permalink) 6.0
0

Log traffic options for IPv4 Policy

Hi everybody,
I'm new in the FortiWorld, and I need to understand the exact difference between "Log Security Events" and "Log All Sessions" when I configure an IPv4 policy via FortiManager.
I would also like to understand the impact this choice will have on my infrastructure. (storage, ...)
I looked (a lot) in the documentation available at Fortinet, but I didn't find this information.
Thank in advance for your help.
#1

2 Replies Related Threads

    Dave Hall
    Expert Member
    • Total Posts : 1475
    • Scores: 162
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: Log traffic options for IPv4 Policy 2019/09/12 10:18:47 (permalink)
    0
    Log Security Events will only log Security (UTM) events (e.g. AV, IPS, firewall webfilter), providing you have applied one of them to a firewall (rule) policy.  Log all traffic will do just that - personally, I would not enabled "Log all traffic" unless I need to troubleshoot something in near real time.

    NSE4/FMG-VM64/FortiAnalyzer-VM/5.4/6.0 (FWF40C/FW92D/FGT200D/FGT101E)/ FAP220B/221C
    #2
    alex.d
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/12 00:06:08
    • Status: offline
    Re: Log traffic options for IPv4 Policy 2019/09/13 00:25:51 (permalink)
    0
    First of all, thanks a lot for this quick answer.
    Just to be sure I understand correctly the difference, could you give me some examples of information that I will find by activating "Log All Sessions" and that I wouldn't find with "Log Security Events" (even if I add the "Generate Logs when Session Starts" option) for a specific IPv4 policy rule ?
    #3
    Jump to:
    © 2019 APG vNext Commercial Version 5.5