Skip to main content
Robin_McDonald_FTNT
Staff & Editor
Robin_McDonald_FTNT
Staff & Editor
February 24, 2015

Technical Tip: How to configure FortiWeb to send logs to FortiAnalyzer

  • February 24, 2015
  • 0 replies
  • 9197 views

Description

 
This article describes how to connect FortiWeb to a FortiAnalyzer Device or VM.


Scope

 
FortiWeb and FortiAnalyzer.


Solution:

 

On the FortiWeb:
 
  1. Configure FortiWeb with a FortiAnalyzer IP.
  • Go to Log & Report -> Log Policy -> FortiAnalyzer Policy.
  • Create a new policy.
  • Set Name.
  • Set FortiAnalyzer IP.
  • Select 'OK'.
84.png

 

  • Using the FortiWeb CLI:

 

config log fortianalyzer-policy
    edit "0"
        set ip-address <FortiAnalyzer-IP>
    next
end

 

  1. Configure FortiAnalyzer log settings.
  • Go to Log & Report -> Log Config -> Global Log Settings.
  • Enable the FortiAnalyzer checkbox.
  • Specify 'Log Level' as 'Information'.
  • Specify 'FortiAnalyzer Policy' as 'FortiAnalyzer' (the name of the FortiAnalyzer policy created in the previous step).
  • Select 'Apply'.

85.png

 

  • Using the CLI:
 
config log forti-analyzer
    set severity debug
    set fortianalyzer-policy 0
end
 
On the FortiAnalyzer:
The FortiWeb can be added either to a Fabric ADOM or a dedicated FortiWeb ADOM (recommended).
 
  1. ADOM Configuration.
  • Enable the ADOM, either from the Dashboard or from System Settings -> ADOMs.

mkannan_FD40249_tn_FD40249-3.jpg

  1. Device registration.
  • Go to Root-ADOM -> Device Manager -> Unregistered device.
mkannan_FD40249_tn_FD40249-4.jpg
 
  • After selecting 'OK', the device will be added, verified, and 'CLOSE' will be selected.
mkannan_FD40249_tn_FD40249-5.jpg

  • Log in to the FortiWeb ADOM:
mkannan_FD40249_tn_FD40249-6.jpg

There is another option to integrate FortiWeb with FortiAnalyzer.
 
  1. Creating New ADOM.
  • Go to System Settings -> ADOMs -> Create New.
  • Set Name.
  • Select 'FortiWeb' as the type.
  • Keep all other settings with default values.
  • Select 'OK'.

86.png

 

  1. Change to the New FortiWeb ADOM to integrate FortiWeb.

     

    • Go to Dashboard -> Select the ADOM Button.
                                                       

    88.png

    • Select the new FortiWeb ADOM created.

    89.png

     

  2. Configure FortiWeb in FortiAnalyzer -> Device Manager.

    • Go to Device Manager.
    • Select Add Device.

    90.png

     

    • Set Name.
    • Select Link Device by: Serial Number.
    • Set FortiWeb Serial Number.
    • Select FortiWeb Device Model.
    • Select 'Next'.

     

    91.png

     

    • A New Database is created, and FortiWeb will be integrated.
    • Select 'Next' to finish.

     

    92.png

     

    • It is possible to see the wrong Version and Model; it is normal, as FortiAnalyzer and FortiWeb need to complete the synchronization.

    93.png

     

    • Complete the configuration on FortiWeb (as mentioned in step 1). Then, after a few seconds, the FortiWeb connects to FortiAnalyzer and the correct information is visible.

    94.png

 

Related documents:

Terms & ConditionsAccessibility statement