Hot!DNS-logging doesn´t work

Author
EricFo
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/06/03 22:58:59
  • Status: offline
2020/06/03 23:08:43 (permalink)
0

DNS-logging doesn´t work

Running fortios 6.0.4. I´ve enabled DNS-logging in both the disk settings and tried to send DNS-logs to a syslog server. But no DNS-logs appears. Get all other logs that I tried, but the DNS-logs wont appear on the FW or the Syslog-server.
 
config log disk filter
set dns enable
end
 
config log syslogd filter
set dns enable
end
 
Also tried set the Log Level to Information, which was implied by fortinet. But I´m stuck at this point. Any help or things that I can check?
 
 
#1

3 Replies Related Threads

    Hosemacht
    Silver Member
    • Total Posts : 75
    • Scores: 3
    • Reward points: 0
    • Joined: 2017/04/18 04:06:13
    • Location: Upper Austria
    • Status: offline
    Re: DNS-logging doesn´t work 2020/06/04 02:30:12 (permalink)
    0
    Hey there,
     
    please have a look at this post:
    https://forum.fortinet.com/tm.aspx?m=178731&tree=true#
     
    Regards

    sudo apt-get-rekt
    #2
    EricFo
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/06/03 22:58:59
    • Status: offline
    Re: DNS-logging doesn´t work 2020/06/04 03:47:36 (permalink)
    0
    Thanks. Not really what I´m looking for. I wan´t to use this solution:
     

    DNS Logging (401757)

    FortiOS logging now includes the Detailed DNS log message type. DNS events were previously recorded as event logs. In FortiOS 5.6 DNS log messages are a new category that also includes more DNS log messages to provide additional detail about DNS activity through the FortiGate. You can enable DNS logging from the CLI using the following command (shown in this example for memory logging):
     
    config log memory filterset dns enableend 
    DNS log messages include details of each DNS query and response. DNS log messages are recorded for all DNS traffic though the FortiGate and originated by the FortiGate.
     
    The detailed DNS logs can be used for low-impact security investigation. Most network activity involves DNS activity of some kinds. Analyzing DNS logs can provide a lot of details about the activity on your network without using flow or proxy-based resource intensive techniques.
    post edited by EricFo - 2020/06/08 23:29:09
    #3
    Hosemacht
    Silver Member
    • Total Posts : 75
    • Scores: 3
    • Reward points: 0
    • Joined: 2017/04/18 04:06:13
    • Location: Upper Austria
    • Status: offline
    Re: DNS-logging doesn´t work 2020/06/04 05:48:41 (permalink)
    0
    thanks for your reply, please let me know if it works for you (it doesnt for me)
     
    Regards

    sudo apt-get-rekt
    #4
    Jump to:
    © 2020 APG vNext Commercial Version 5.5