How you can monitor traffic logs in the FortiGate CLI

If you want to monitor traffic logs on a FortiGate firewall via the CLI, you can use the following commands:

FG # execute log display

When you execute this command, the firewall displays the first 10 (by default) traffic logs. With the following command you can change the number of lines you want to display:

FG # execute log filter view-lines (number of lines 5 - 1000)

This output is not filtered by any specific condition. If you want to filter the output, use the following commands:

FG # execute log filter field srcip [SOURCE-IP-ADDRESS-OF-TRAFFIC]
FG # execute log filter field dstip [DESTINATION-IP-ADDRESS-OF-TRAFFIC]
FG # execute log filter field srcport [SOURCE-PORT-NUMBER]
FG # execute log filter field dstport [DESTINATION-PORT-NUMBER]

And then run the following command again:

FG # execute log display

NOTE: You should enter the real value without the brackets.
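
Once the output of `execute log display` has been saved from a terminal session, the same srcip/dstip/srcport/dstport filters can be applied offline. The Python below is an added example, not part of the original post: it assumes each log entry is a numbered line of `key=value` pairs with optional double quotes, the sample lines are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample of saved `execute log display` output (not from a real device).
SAMPLE = '''\
3 logs found.
3 logs returned.

1: date=2024-01-15 time=10:02:11 type="traffic" subtype="forward" srcip=192.0.2.10 srcport=51544 dstip=198.51.100.7 dstport=443 action="close" policyid=4 service="HTTPS"
2: date=2024-01-15 time=10:02:09 type="traffic" subtype="forward" srcip=192.0.2.10 srcport=51540 dstip=198.51.100.9 dstport=22 action="deny" policyid=0 service="SSH"
3: date=2024-01-15 time=10:01:58 type="traffic" subtype="forward" srcip=192.0.2.23 srcport=40112 dstip=198.51.100.7 dstport=443 action="accept" policyid=4 service="HTTPS"
'''

ENTRY = re.compile(r'^\d+:\s+(.*)$')             # "<n>: field=value ..."
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # value is quoted or bare


def parse_log_display(text):
    """Return one dict (field -> string value) per numbered log line."""
    records = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # skip the "N logs found" header and blank lines
        rec = {}
        for key, quoted, bare in PAIR.findall(m.group(1)):
            rec[key] = quoted if quoted else bare
        records.append(rec)
    return records


def filter_logs(records, **fields):
    """Keep records where every given field matches (logical AND)."""
    wanted = {k: str(v) for k, v in fields.items()}
    return [r for r in records
            if all(r.get(k) == v for k, v in wanted.items())]


def count_by(records, field):
    """Count records per value of one field, e.g. action or dstport."""
    return dict(Counter(r.get(field, "") for r in records))


if __name__ == "__main__":
    logs = parse_log_display(SAMPLE)
    for r in filter_logs(logs, srcip="192.0.2.10", dstport=443):
        print(r["date"], r["time"], r["srcip"], r["dstip"], r["dstport"], r["action"])
    print(count_by(logs, "action"))
```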