Log types (Seect 3)
Security
Event
Traffic
System
Network
VPN
0 — ❌ 1 —❌ 2 — ❌ 3 — ❌ 4 — ❌ 5 — ❌ 6 — ❌ 7 — ❌
The log ______ contains fields that are common to all log types, such as originating date and time, log identifier, log category, and VDOM.
body
header
Which local storage type is preferred for logging?
a. Flash memory
b. Hard drive
The system reserves approximately __% of its disk space for system usage and unexpected quota overflow.
a. 75
b. 25
By default, what happens when your disk is full?
a. Logging stops
b. The oldest logs are overwritten
Configure logging options:
Real time Every time Every 5 minutes
Automatic Store and upload Send logs to FortiAnalyzer/FortiManager
Fortigate uses ______ for log transmission
UDP 514 (or TCP 514 if reliable logging is enabled)
UDP 154 (or TCP 154 if reliable logging is enabled)
Log messages are stored on disk and transmitted to FortiAnalyzer as plain text in _____ compressed format. Reduces disk log size and reduces log transmission time and bandwidth usage
LZ4
ZL4
What protocol does FortiGate use to send encrypted logs to FortiAnalyzer?
a. OFTPS
b. SSL
If you enable reliable logging, which transport protocol will FortiGate use?
a. UDP
b. TCP
What happens when logs roll?
a. It lowers the space requirements needed to contain those logs.
b. They are uploaded to an FTP server.
When you download logs on the GUI
a. all logs in the SQL database are downloaded.
b. only your current view, including any filters set, are downloaded.
What does the following CLI command do? config log disk setting set upload enable
a. Configures rolled logs to upload to an FTP server
b. Configures rolled logs to upload to any external logging device
Forward Local Sniffer
Endpoint Control High Availability System User Router VPN WAD Wireless
Application Control Antivirus Data Leak Prevention (DLP) Anti-Spam Web Filter Intrusion Prevention System (IPS) Anomaly (DOS-policy) Web Application Firewall (WAF)
Constant rewrites can reduce the lifetime and efficiency of the memory Logging disabled by default Not recommended for logging, should use external logging device instead
Flash memory
Hard drive
Local logging
FortiGate devices that have a hard drive store logs in an SQL database Data is extracted from the SQL database for reports
Flash Memory
Log storage - Local (select 3)
FortiCloud
Fortiguard
FortiAsic
lf disk logging is disabled, FortiView logs are only available in real-time.
The system reserves approximately _____ of its disk space for system usage and unexpected quota overflow.
25%
35%
15%
To determine the amount of reserved space on your FortiGate, use the CLI command _______________________. Subtract the total logging space from the total disk space to calculate the reserved space.
diagnose sys logdisk usage
diagnose sys log
diagnose sys disk usage
FortiGate issues warnings before disk reaches a full state: :3
First warning: 75% Second warning: 90% Final warning: 95%
First warning: 65% Second warning: 80% Final warning: 85%
