Log View – FortiManager 5.2

Customizing the log view

The log message list can show raw or formatted, real time or historical logs. The columns in the log message list can be customized to show only relevant information in your preferred order.

Log display

By default, historical formatted logs are shown in the log message list. You can change the view to show raw logs and both raw and formatted real time logs.

To view real time logs, in the log message list, select Tools, then select Real-time Log from the drop-down menu. To return to the historical log view, select Tools, then select Historical Log from the drop-down menu.

To view raw logs, in the log message list, select View, then select Display Raw from the drop-down menu; see Log view (raw display). To return to the formatted log view, select Tools, then select Display Formatted from the drop-down menu.

Log view (raw display)

This page displays the following information and options:

Refresh: Select to refresh the log view. This option is only available when viewing historical logs.

Search: Enter a search term to search the log messages. See "To perform a text search". Select GO in the toolbar to apply the filter.

Latest Search: Select the icon to repeat previous searches, select favorite searches, or quickly add filters to your search. The filters available will vary based on device and log type.

Clear Search: Select the icon to clear search filters.

Help: Hover your mouse over the help icon to see example search syntax. See Examples.

Device: Select the device or log array in the drop-down list. Select Manage Log Arrays in the Tools menu to create, edit, or delete log arrays.

Time Period: Select a time period from the drop-down list. Options include: Last 30 mins, Last 1 hour, Last 4 hours, Last 12 hours, Last 1 day, Last 7 days, Last N hours, Last N days, or Custom. See "To customize the time period". This option is only available when viewing historical logs.

GO: Select to apply the time period and limit to the displayed log entries. A progress bar is displayed in the lower toolbar.

Create Custom View: Select to create a new custom view. You can create multiple custom views in log view. Each custom view can display a selected device or log array with specific filters and time period. See "To create a new custom view". This option is only available when viewing historical logs.

Pause | Resume: Pause or resume real-time log display. These two options are only available when viewing real-time logs.

Tools: The Tools button provides options for changing how the logs are displayed, as well as search options. You can also use it to manage log arrays and to download logs; see Download log messages.

Real-time Log | Historical Log: Select to change view from Real-time Log to Historical Log.

Display Formatted: Select to change view from raw log display to formatted log display.

Download: Select to download logs. A download dialog box is displayed. Select the log file format, whether to compress with gzip, and the pages to include, then select Apply to save the log file to the management computer. This option is only available when viewing historical logs in formatted display.

Manage Log Arrays: Select to create new, edit, and delete log arrays. Once you have created a log array, you can select the log array in the Device drop-down menu in the Log View toolbar.

Case Sensitive Search: Select to enable case sensitive search.

Detailed Information: Detailed information on the log message selected in the log message list. The item is not available when viewing raw logs.

Status Bar: Displays the log view status as a percentage.

Pagination: Adjust the number of logs that are listed per page and browse through the pages.

Limit: Select the maximum number of log entries to be displayed from the drop-down list. Options include: 1000, 5000, 10000, 50000, or All.

The selected log view will affect the other options that are available in the View drop-down menu. Real-time logs cannot be downloaded, and raw logs do not have the option to customize the columns.
