Adding second SYSLOG Server

Forum|Forum|5 years ago
January 22, 2021
1 reply
15050 views

we configure fortigate device to send logs to FortiAnalyzer via syslog they are 6.0. we have SYSLOG server configured on the client's VDOM.

Now I need to add another SYSLOG server on all VDOMs on the firewall.

How do I add the other syslog server on the vdoms without replacing the current ones?

Yurisk

SuperUser

Fortigate can send logs to max 4 Syslog servers, so you configure the second server using the same commands but syslogd2 on CLI.

More info here https://kb.fortinet.com/kb/documentLink.do?externalID=FD44614

https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/356620/log-syslogd2-setting

ede_pfau

SuperUser

just curious: why would you send logs to a FAZ via syslog? FAZ uses it's own protocol for this, adding the benefit of obtaining log data that can be searched, cumulated and charted - all of which cannot be done with 'plain' syslog data.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded