Fortiweb logs to FortiSiem

Forum|Forum|1 year ago
May 27, 2025
2 replies
1505 views

Hi

i wanna configure Fortiweb to log to my FortiSiem. can someone guide me through

Secusaurus

Contributor III

Hi @Soulaima,

Just follow the guide: https://docs.fortinet.com/document/fortisiem/7.3.2/external-systems-configuration-guide/286284/fortinet-fortiweb

Best,

Christian

NSE8 | Fortinet Advanced MSSP Partner

SoulaimaAuthor

Visitor III

Hi @Secusaurus,

I’ve already followed the documentation, but it’s not very detailed. Here’s what I’ve done so far, but I still can’t see FortiWeb in FortiSIEM.
Do you have any suggestions on what I should change or add?

Thanks in advance!my collector's ip 10.6.5.11

adriatikb

Visitor III

Hi,

Try to ping the collector from fortiweb.

Check with tcpdump in the collector if you receive syslog packets from the FortiWeb IP.

AB

SoulaimaAuthor

Visitor III

I can ping from FortiWeb to the collector, but not the other way around. Could this be the problem?dicovery

Secusaurus

Contributor III

Hi @Soulaima,

Concerning syslog, this should not be an issue. You should receive logs from the FortiWeb on the collector. Next step would be tcdump (packet capture) on the collector for the udp packages.

Concerning the discovery process: You can either discover without ping (set the option) or enable ping on the interface of the FortiWeb (probably it's just disabled there).

Best,

Christian

NSE8 | Fortinet Advanced MSSP Partner

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded