FortiOS 6 – FortiSwitch log export

FortiSwitch log export

You can enable and disable the managed FortiSwitch units to export their syslogs to the FortiGate. The setting is global, and the default setting is enabled. Starting in FortiOS 5.6.3, more details are included in the exported FortiSwitch logs.

To allow a level of filtering, FortiGate sets the user field to “fortiswitch-syslog” for each entry.

The following is the CLI command syntax:

config switch-controller switch-log set status (*enable | disable)

set severity [emergency | alert | critical | error | warning | notification |

*information | debug] end

You can override the global log settings for a FortiSwitch, using the following commands:

config switch-controller managed-switch edit <switch-id> config switch-log set local-override enable

At this point, you can configure the log settings that apply to this specific switch.

This entry was posted in Administration Guides, FortiOS 6, FortiSwitch on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.