Audit Logs

The audit log records system activities such as user login and logout, and issues warnings for personal licenses. It logs a reminder when a license is due to expire within 1, 3, or 15 days, and a notification when all query license capacity has been exhausted.

Primary users can access all audit logs, while sub-users can only view their own audit logs.

Field

Description

Time

The local time when the event occurred.

Priority

The system's assessment of the urgency level for this logged event.

Emergency: This is the most severe level, indicating a catastrophic failure or situation that requires immediate attention and action.

Alert: This level indicates a critical situation where immediate action is required from the customer.

Critical: This level denotes a severe error or failure that affects the system's functionality.

Warning: This level signifies a potential problem or issue that the customer should be aware of and investigate further.

Notice: This level provides insight into the cause of an error or an unusual event.

Info: This level conveys general informational messages that are useful for tracking system activities or providing updates.

Debug: This level is used for detailed debugging information.

User

If the event pertains to a user in your organization, their username will be displayed in this field; otherwise, it will show as None.

Type

This field describes the nature of the log.

system: Tracks system events like licensing changes and user logins.

config: Records configuration events, such as a newly configured FQDN.

health_check: Monitors system health through tests and alerts for issues like overloads or status changes.

connector: Keeps tabs on the health and function of connectors, essential for data flow and system connections.

Action

This field specifies the action recorded in this audit log, offering more detail than the Type field.

Status

The outcome of the event, indicating success or failure.

Message

Details regarding the event as gathered from the system.

Filters

Customize your log views by specifying a date range and by adding filters (by priority, type, user, action, status and message).
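
The same filtering applied offline, as an added example that is not Fortinet code: it normalizes the local Time field to UTC so records can be correlated with other sources, then filters and counts failures per user. It assumes records copied into dicts keyed by the field names above, a `YYYY-MM-DD HH:MM:SS` time format, a known UTC offset for the console, and constructed Action, Status and Message values; treating priority as a floor is this example's choice.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Priority names from the field table, most severe first.
PRIORITIES = ["Emergency", "Alert", "Critical", "Warning", "Notice", "Info", "Debug"]
RANK = {name.lower(): i for i, name in enumerate(PRIORITIES)}
FIELDS = ("Time", "Priority", "User", "Type", "Action", "Status", "Message")

# Constructed sample records; time format, actions, statuses and messages are assumptions.
SAMPLE = [dict(zip(FIELDS, row)) for row in [
    ("2024-05-01 08:00:05", "Info", "alice", "system", "login", "success", "constructed"),
    ("2024-05-01 08:10:00", "Warning", "bob", "system", "login", "failure", "constructed"),
    ("2024-05-01 08:10:30", "Warning", "bob", "system", "login", "failure", "constructed"),
    ("2024-05-01 09:00:00", "Warning", "None", "system", "license", "success", "constructed"),
    ("2024-05-01 18:30:00", "Critical", "None", "connector", "status", "failure", "constructed"),
]]
# UTC window for 1 May 2024, used to query the sample.
DAY_START = datetime(2024, 5, 1, tzinfo=timezone.utc)
DAY_END = datetime(2024, 5, 2, tzinfo=timezone.utc)

def to_utc(local_time, utc_offset_hours):
    """Time is local: attach the console's UTC offset (assumed known) and convert."""
    naive = datetime.strptime(local_time, "%Y-%m-%d %H:%M:%S")
    local = naive.replace(tzinfo=timezone(timedelta(hours=utc_offset_hours)))
    return local.astimezone(timezone.utc)

def select(records, utc_offset_hours, start, end, min_priority="Debug", **equals):
    """Date range plus field filters; min_priority keeps that level and anything more severe."""
    out = []
    for rec in records:
        when = to_utc(rec["Time"], utc_offset_hours)
        if not start <= when < end:
            continue
        if RANK[rec["Priority"].lower()] > RANK[min_priority.lower()]:
            continue
        if any(str(rec.get(k)).lower() != str(v).lower() for k, v in equals.items()):
            continue
        out.append({**rec, "TimeUTC": when})
    return out

def failures_by_user(records):
    """Failed events per User; the literal 'None' groups events not tied to a user."""
    return Counter(r["User"] for r in records if r["Status"].lower() == "failure")

if __name__ == "__main__":
    hits = select(SAMPLE, -7, DAY_START, DAY_END, min_priority="Warning")
    print(len(hits), failures_by_user(hits))
```

With an offset of -7 hours, the 18:30 local record falls on 2 May in UTC and drops out of the 1 May window, which is the kind of mismatch that appears when local-time logs are compared against UTC sources.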
