Hot!How does the " log all search keywords" feature work in FortiOS 5?

Author
billp
Expert Member
  • Total Posts : 845
  • Scores: 47
  • Reward points: 0
  • Joined: 2009/05/20 23:44:05
  • Location: Pacific Northwest
  • Status: offline
2013/03/19 15:07:28 (permalink)
0

How does the " log all search keywords" feature work in FortiOS 5?

There is an option under Advanced Filter in the Webfilter Profile area in FortiOS 5 called " log all search keywords" .

I have not been able to find any documentation on how this works. Anybody tried this out yet?

I don' t have a FortiAnalyzer 5.0 running, so can' t run a report there. I was hoping there would be some evidence of the keywords in the Forward Traffic log file, but I could not see any evidence that it was logging keywords separately. Perhaps this is a feature that only works if you have a FAZ 5.0?

Any insight on this feature would be appreciated.

Thanks.

Bill

==========
Fortigate 600C 5.0.12, 111C 5.0.2
Logstash 1.4.1
#1
billp
Expert Member
  • Total Posts : 845
  • Scores: 47
  • Reward points: 0
  • Joined: 2009/05/20 23:44:05
  • Location: Pacific Northwest
  • Status: offline
RE: How does the " log all search keywords" feature work in FortiOS 5? 2013/03/19 15:16:34 (permalink)
0
Figured it out. I' ll answer my own post.

I was looking in the wrong place. The keywords are included in the UTM Security Log section under Web Filter. It logs every search phrase entered by each user. This is a feature I' ve asked for, so perhaps someone listened to me :) It pays to part of the beta.


Bill

==========
Fortigate 600C 5.0.12, 111C 5.0.2
Logstash 1.4.1
#2
whayden1
Bronze Member
  • Total Posts : 27
  • Scores: 4
  • Reward points: 0
  • Joined: 2013/07/02 15:55:52
  • Status: offline
Re: RE: How does the " log all search keywords" feature work in FortiOS 5? 2016/08/11 20:52:47 (permalink)
0
How do you enable it via the CLI.  I just did a show full on my custom web filter profile with setting on and off and compared the results.  There's no changes, at least at the profile level.  Easy enough to enable via the GUI, but I need to push an FMG CLI script to enable this on 1400 firewall clusters.  Am I looking in the wrong place?
#3
whayden1
Bronze Member
  • Total Posts : 27
  • Scores: 4
  • Reward points: 0
  • Joined: 2013/07/02 15:55:52
  • Status: offline
Re: RE: How does the " log all search keywords" feature work in FortiOS 5? 2016/08/11 21:18:25 (permalink)
0
NM, I'm tired.  I have two firewall clusters open and I did the show full on the wrong firewall.
 
Answer:
config webfilter profile
edit "UTM_Web_Filter_Base"
config web
set log-search enable <-- Yeah not really hard.  The firewall I was looking at is running older code hence the reason I just didn't see it in the first stinking place.  Off to bed.
end
end
end
 
#4
Fullmoon
Platinum Member
  • Total Posts : 728
  • Scores: 4
  • Reward points: 0
  • Joined: 2010/08/02 18:02:10
  • Status: offline
Re: RE: How does the " log all search keywords" feature work in FortiOS 5? 2016/08/11 23:18:55 (permalink)
0
billp
Figured it out. I' ll answer my own post.

I was looking in the wrong place. The keywords are included in the UTM Security Log section under Web Filter. It logs every search phrase entered by each user. This is a feature I' ve asked for, so perhaps someone listened to me :) It pays to part of the beta.

 
hi billp, what would be the benefit of having that? pls enlighten us.
 
appreciate your feedback
 
 

Fortigate Newbie
#5
nmelanson75
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/11/13 08:45:16
  • Status: offline
Re: How does the " log all search keywords" feature work in FortiOS 5? 2017/11/13 08:47:33 (permalink)
0
Did you ever find your answer to this, I turned it one but as I don't have FortiAnalyser I want to know if there is another way to see the report directly from the Fortigate console. 
#6
Jump to:
© 2017 APG vNext Commercial Version 5.5