Fortinet black logo

CLI Reference

log

log

Use the following commands to manage device logs:

log

log device disk-quota

log device logstore

log device permissions

log device vdom

log dlp-files clear

log import

log ips-pkt clear

log quarantine-files clear

log storage-warning

log adom disk-quota

Set the ADOM disk quota.

Syntax

execute log adom disk-quota <adom_name> <value>

Variable

Description

<adom_name>

Enter the ADOM name, or enter All for all ADOMs.

<value>

Enter the disk quota value in megabytes.

log device disk-quota

Set the log device disk quota.

Syntax

execute log device disk-quota <device_id> <value>

Variable

Description

<device_id>

Enter the log device ID, or enter All for all devices.

<value>

Enter the disk quota value in megabytes.

log device logstore

Use this command to view and edit log storage information.

Syntax

execute log device logstore clear <device_id>

execute log device logstore list

Variable

Description

clear <device_id>

Remove leftover log directory.

list

List log storage directories.

log device permissions

Use this command to view and set log device permissions.

Syntax

execute log device permissions <device_id> <permission> {enable | disable}

Variable

Description

<device_id>

Enter the log device ID, or enter All for all devices. Example: FWF40C3911000061

<permission>

The following options are available:

  • all: All permissions
  • logs: Log permission
  • content: Content permission
  • quar: Quarantine permission
  • ips: IPS permission.

{enable | disable}

Enable/disable permissions.

log device vdom

Use this command to add, delete, or list VDOMs.

Syntax

execute log device vdom add <Device Name> <ADOM> <VDOM>

execute log device vdom delete <Device Name> <VDOM>

execute log device vdom delete-by-id <Device Name> <index>

execute log device vdom list <Device Name>

Variable

Description

add <Device Name> <ADOM> <VDOM>

Add a new VDOM to a device with the device name, the ADOM that contains the device, and the name of the new VDOM.

delete <Device Name> <VDOM>

Delete a VDOM from a device.

delete-by-id <Device Name> <index>

Delete a VDOM from a device by its index number.

list <Device Name>

List all the VDOMs on a device.

log dlp-files clear

Use this command to clear DLP log files on a specific log device.

Syntax

execute log dlp-files clear <device_name> <archive type>

Variable

Description

<device_name>

Enter the device name.

<archive type>

Enter the device archive type: all, email, im, ftp, http, or mms.

log import

Use this command to import log files from another device and replace the device ID on imported logs.

Syntax

execute log import <service> <ip:port> <user-name> <password> <file-name> <device-id>

Variable

Description

<service>

Enter the transfer protocol one of: ftp, sftp, scp,or tftp.

<ip:port>

Server IP address or host name. Port is optional.

<user-name>

Enter the username.

<password>

Enter the password or ‘-’ for no password.

The <password> field is not required when <service> is tftp.

<file-name>

The file name (e.g. dir/fgt.alog.log) or directory name (e.g. dir/subdir/).

<device-id>

Replace the device ID on imported logs. Enter a device serial number of one of your log devices.

log ips-pkt clear

Use this command to clear IPS packet logs on a specific log device.

Syntax

execute log ips-pkt clear <device_name>

Variable

Description

<device_name>

Enter the device name.

log quarantine-files clear

Use this command to clear quarantine log files on a specific log device.

Syntax

execute log quarantine-files clear <device_name>

Variable

Description

<device_name>

Enter the device name.

log storage-warning

Reset the licensed VM storage size warning

Syntax

execute log storage-warning reset

log

log

Use the following commands to manage device logs:

log

log device disk-quota

log device logstore

log device permissions

log device vdom

log dlp-files clear

log import

log ips-pkt clear

log quarantine-files clear

log storage-warning

log adom disk-quota

Set the ADOM disk quota.

Syntax

execute log adom disk-quota <adom_name> <value>

Variable

Description

<adom_name>

Enter the ADOM name, or enter All for all ADOMs.

<value>

Enter the disk quota value in megabytes.

log device disk-quota

Set the log device disk quota.

Syntax

execute log device disk-quota <device_id> <value>

Variable

Description

<device_id>

Enter the log device ID, or enter All for all devices.

<value>

Enter the disk quota value in megabytes.

log device logstore

Use this command to view and edit log storage information.

Syntax

execute log device logstore clear <device_id>

execute log device logstore list

Variable

Description

clear <device_id>

Remove leftover log directory.

list

List log storage directories.

log device permissions

Use this command to view and set log device permissions.

Syntax

execute log device permissions <device_id> <permission> {enable | disable}

Variable

Description

<device_id>

Enter the log device ID, or enter All for all devices. Example: FWF40C3911000061

<permission>

The following options are available:

  • all: All permissions
  • logs: Log permission
  • content: Content permission
  • quar: Quarantine permission
  • ips: IPS permission.

{enable | disable}

Enable/disable permissions.

log device vdom

Use this command to add, delete, or list VDOMs.

Syntax

execute log device vdom add <Device Name> <ADOM> <VDOM>

execute log device vdom delete <Device Name> <VDOM>

execute log device vdom delete-by-id <Device Name> <index>

execute log device vdom list <Device Name>

Variable

Description

add <Device Name> <ADOM> <VDOM>

Add a new VDOM to a device with the device name, the ADOM that contains the device, and the name of the new VDOM.

delete <Device Name> <VDOM>

Delete a VDOM from a device.

delete-by-id <Device Name> <index>

Delete a VDOM from a device by its index number.

list <Device Name>

List all the VDOMs on a device.

log dlp-files clear

Use this command to clear DLP log files on a specific log device.

Syntax

execute log dlp-files clear <device_name> <archive type>

Variable

Description

<device_name>

Enter the device name.

<archive type>

Enter the device archive type: all, email, im, ftp, http, or mms.

log import

Use this command to import log files from another device and replace the device ID on imported logs.

Syntax

execute log import <service> <ip:port> <user-name> <password> <file-name> <device-id>

Variable

Description

<service>

Enter the transfer protocol one of: ftp, sftp, scp,or tftp.

<ip:port>

Server IP address or host name. Port is optional.

<user-name>

Enter the username.

<password>

Enter the password or ‘-’ for no password.

The <password> field is not required when <service> is tftp.

<file-name>

The file name (e.g. dir/fgt.alog.log) or directory name (e.g. dir/subdir/).

<device-id>

Replace the device ID on imported logs. Enter a device serial number of one of your log devices.

log ips-pkt clear

Use this command to clear IPS packet logs on a specific log device.

Syntax

execute log ips-pkt clear <device_name>

Variable

Description

<device_name>

Enter the device name.

log quarantine-files clear

Use this command to clear quarantine log files on a specific log device.

Syntax

execute log quarantine-files clear <device_name>

Variable

Description

<device_name>

Enter the device name.

log storage-warning

Reset the licensed VM storage size warning

Syntax

execute log storage-warning reset