Does this information look incorrect or out-of-date? Please contact us at support@socos.io.
To enable syslog, log into the CLI and enter the following commands:
config log syslogd setting
set facility user
set port 2514 [set 2514/5/6... as necessary]
set server [IP address of syslog server]
set status enable
set reliable disable
set format cef
end
You can configure up to four syslog servers on FortiGate. Just replace ‘syslogd’ with 'syslogd2', 'sylsogd3' or 'syslogd4' on the first line to configure each syslog server.
Most FortiGate features are enabled for logging by default, but you can make sure the Traffic, Web and URL Filtering features are enabled for logging with the following commands:
config log syslogd filter
set traffic enable
set web enable
set url-filter enable
end
The logging of referrer URLs was introduced in FortiOS 5.4, which is a great feature for web usage analysis. Unfortunately, you need to enable it per web profile. This is also done at the CLI:
config webfilter profile
edit [Name of your profile]
set log-all-url enable
set web-filter-referer-log enable
end
For more information on logging to a remote syslog server, please see Fortinet’s Logging and Reporting Guide.
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/482942/logging-and-reporting