Fortinet black logo

CLI Reference

log

log

Use these commands to manage device logs:

log adom disk_quota

log device disk_quota

log device permissions

log device vdom

log dlp-files clear

log import

log ips-pkt clear

log quarantine-files clear

log storage-warning

log adom disk_quota

Set the ADOM disk quota.

Syntax

execute log adom disk_quota <adom_name> <value>

Variable

Description

<adom_name>

Enter the ADOM name, or enter All for all ADOMs.

<value>

Enter the disk quota value in megabytes.

log device disk_quota

Set the log device disk quota.

Syntax

execute log device disk_quota <device_id> <value>

Variable

Description

<device_id>

Enter the log device ID number, or All for all devices.

<value>

Enter the disk quota value, in megabytes (100 - 5655).

log device permissions

Set or view the log device permissions.

Syntax

execute log device permissions <device_id> <permission> {enable | disable}

Variable

Description

<device_id>

Enter the log device ID number, or All for all devices.

<permission>

The following permissions are available:

  • all: All permissions
  • logs: Log permission
  • content: Content permission
  • quar: Quarantine permission
  • ips: IPS permission

{enable | disable}

Enable/disable the option.

log device vdom

Use this command to add, delete, or list VDOMs.

Syntax

execute log device vdom add <device_name> <ADOM> <VDOM>

execute log device vdom delete <device_name> <VDOM>

execute log device vdom delete-by-id <device_name> <Id>

execute log device vdom list <device_name>

Variable

Description

add <device_name> <ADOM> <VDOM>

Add a new VDOM to a device with the device name, the ADOM that contains the device, and the name of the new VDOM.

delete <device_name> <VDOM>

Delete a VDOM from a device.

delete-by-id <device_name> <Id>

Delete a VDOM from a device using its ID number.

list <device_name>

List all the VDOMs on a device.

log dlp-files clear

Delete log DLP files.

Syntax

execute log dlp-files clear <device_name> <archive type>

Variable

Description

<device_name>

Enter the device name.

<archive type>

Enter the device archive type: all, email, im, ftp, http, or mms.

log import

Use this command to import log files from another device and replace the device ID on imported logs.

Syntax

execute log import <service> <ip_address> <user-name> <password> <file-name> <device-id>

Variable

Description

<service>

Select the file transfer protocol to use: ftp, sftp, scp, or tftp.

<ip:port>

Server IP address or host name. Port is optional.

<user-name>

Enter the username.

<password>

Enter the password or - for no password.

The <password> field is not required when <service> is tftp.

<file-name>

The file name (e.g. dir/fgt.alog.log) or directory name (e.g. dir/subdir/).

<device-id>

Replace the device ID on imported logs. Enter a device serial number of one of your log devices.

log ips-pkt clear

Delete IPS packet files.

Syntax

execute log ips-pkt clear <device_name>

Variable

Description

<device_name>

Enter the device name.

log quarantine-files clear

Delete log quarantine files.

Syntax

execute log quarantine-files clear <string>

Variable

Description

<string>

Enter the device name.

log storage-warning

Reset the licensed VM storage size warning

Syntax

execute log storage-warning reset

log

Use these commands to manage device logs:

log adom disk_quota

log device disk_quota

log device permissions

log device vdom

log dlp-files clear

log import

log ips-pkt clear

log quarantine-files clear

log storage-warning

log adom disk_quota

Set the ADOM disk quota.

Syntax

execute log adom disk_quota <adom_name> <value>

Variable

Description

<adom_name>

Enter the ADOM name, or enter All for all ADOMs.

<value>

Enter the disk quota value in megabytes.

log device disk_quota

Set the log device disk quota.

Syntax

execute log device disk_quota <device_id> <value>

Variable

Description

<device_id>

Enter the log device ID number, or All for all devices.

<value>

Enter the disk quota value, in megabytes (100 - 5655).

log device permissions

Set or view the log device permissions.

Syntax

execute log device permissions <device_id> <permission> {enable | disable}

Variable

Description

<device_id>

Enter the log device ID number, or All for all devices.

<permission>

The following permissions are available:

  • all: All permissions
  • logs: Log permission
  • content: Content permission
  • quar: Quarantine permission
  • ips: IPS permission

{enable | disable}

Enable/disable the option.

log device vdom

Use this command to add, delete, or list VDOMs.

Syntax

execute log device vdom add <device_name> <ADOM> <VDOM>

execute log device vdom delete <device_name> <VDOM>

execute log device vdom delete-by-id <device_name> <Id>

execute log device vdom list <device_name>

Variable

Description

add <device_name> <ADOM> <VDOM>

Add a new VDOM to a device with the device name, the ADOM that contains the device, and the name of the new VDOM.

delete <device_name> <VDOM>

Delete a VDOM from a device.

delete-by-id <device_name> <Id>

Delete a VDOM from a device using its ID number.

list <device_name>

List all the VDOMs on a device.

log dlp-files clear

Delete log DLP files.

Syntax

execute log dlp-files clear <device_name> <archive type>

Variable

Description

<device_name>

Enter the device name.

<archive type>

Enter the device archive type: all, email, im, ftp, http, or mms.

log import

Use this command to import log files from another device and replace the device ID on imported logs.

Syntax

execute log import <service> <ip_address> <user-name> <password> <file-name> <device-id>

Variable

Description

<service>

Select the file transfer protocol to use: ftp, sftp, scp, or tftp.

<ip:port>

Server IP address or host name. Port is optional.

<user-name>

Enter the username.

<password>

Enter the password or - for no password.

The <password> field is not required when <service> is tftp.

<file-name>

The file name (e.g. dir/fgt.alog.log) or directory name (e.g. dir/subdir/).

<device-id>

Replace the device ID on imported logs. Enter a device serial number of one of your log devices.

log ips-pkt clear

Delete IPS packet files.

Syntax

execute log ips-pkt clear <device_name>

Variable

Description

<device_name>

Enter the device name.

log quarantine-files clear

Delete log quarantine files.

Syntax

execute log quarantine-files clear <string>

Variable

Description

<string>

Enter the device name.

log storage-warning

Reset the licensed VM storage size warning

Syntax

execute log storage-warning reset