Configuring log forwarding
The firewall will not automatically forward all logs to Panorama or Logging Service. Log forwarding needs to be configured and assigned to specific logs or log types before anything is sent out. There are two main types of logs that can be forwarded:
- System event logs
- Traffic flow-related logs
Device daemon-related logs are only stored locally.
Important note
Only logs that are being stored locally can be forwarded. Any rule, policy, or profile that is set to not log also cannot generate logs to be forwarded. Forwarded logs will also remain available locally (for as long as storage is available); they are not purged after being forwarded.
In the firewall, you can check whether log forwarding is available and working with the following commands:
> request log-collector-forwarding status > request logging-service-forwarding status
Let's first take a look at the system logs
System logs
In Device | Log Settings...