Enabling and configuring log settings
To access your log messages on the FortiMail GUI, your administrator account’s Domain must be set to System. This is configured under System > Administrator > Administrator.
In addition, the administrator's access profile must have Read Only or Read-Write permissions set in the Others category. This is configured under System > Administrator > Admin Profile.
To enable and configure logging to the local hard disk:
- Go to Log & Report > Log Settings > Local and click Enable.
- Set Log file size to the file size limit (100 MB by default).
- Set Log time to the file age limit (45 days by default), and the hour of the day that the file rotation should occur.
- Set Log level to the severity-level that a log message must equal or exceed for it to be recorded.
- Set Log retention period to the number of days that a log will be kept before it is deleted (up to a maximum of 1461 days, or approximately four years). 0 means no limit.
- Set Log options when disk is full to the appropriate action: Overwrite to delete the oldest log file in order to free disk space and store the new log message, or Do not log to discard all new log messages.
- Under Logging Policy Configuration, enable the types of events to be included in the generated logs. Expand System Event and Mail Event for more granular control.
- Click Apply.
The FortiMail unit will rotate the current log and start a new log file depending on whether the log file reaches a certain file size in MB or age in days first.
Although set to Information by default, avoid using low-level severities (such as Information or Notification), as this can lead to an excessive logging frequency, which can be detrimental to the system's longevity.