Skip to main content
AliMhaerFathy
AliMhaerFathy
Explorer
November 16, 2024
Question

Integrate FortiSIEM-Cisco WSA/ESA

  • November 16, 2024
  • 1 reply
  • 625 views

Hello,

 

We need to integrate FortiSIEM-Cisco WSA/ESA through Syslog as per the official documents:

 

2024-11-14_150536.png

2024-11-14_150642.png

 

As we should call Log Name: IronPort-Mail OR IronPort-Web; we cant add another entry (Duplicate).

 

WhatsApp Image 2024-11-14 at 15.45.21_bbae94fc.jpgWhatsApp Image 2024-11-14 at 16.04.48_b6e189ed.jpg

 

So, we need to know the Log type and the corresponding facility to send the concerned security logs.

 

Thanks in advance!

1 reply

premchanderr
Staff & Editor
premchanderr
Staff & Editor
July 8, 2025

Hi @AliMhaerFathy ,

FortiSIEM can receive Syslog with any facility set from sending device configuration without any filters or log types. So, there would be no specification available from FortiSIEM side, but you can select both the parameters from Cisco device and send syslog accordingly.

 

Do note that depending on raw log and data parsed you might have to write a custom parser. 

Terms & ConditionsAccessibility statement