Fortigate 4.0 Integration ( Syslog )

 

Fortigate Configuration :

1. Login on your Fortigate system :
 
 

2. Go to "Log&Report" → "Log Config" → "Log Setting", then do as follow :

  • Check the "Remote Logging & Archiving".

  • Check the "Syslog" option then provide the following information :

  • IP : The IP address of the remote Syslog host.

  • Port : Default is "514", if you changed that on the Syslog server then please make sure to provide the correct one.

  • Minimum log level : "Debug".

  • Facility : "Local0".

Then Click on "Apply".

3. On the left side menu, click on "Event Log" under "Log Config" then enable all options by checking them except "CPU & memory usage" :
 
 

Logsign Configuration :

1. Go to "Settings" → "Device List" then click on "Add new device" :
 
 
2. Select "SYSLOG" as a source type :
 
 
3. Select "Fortinet" :
 
 
4. Select "FortiGate" :
 
 

5. Provide the following inforamtion :

  • IP : The IP address of the remote Syslog host.

  • Description : "Fortigate XYZ", XYZ being a meaningful name for the remote system.

  • Tag : "Fortigate".

 
Have more questions? Submit a request

Comments