Skip to main content
Mandalorian
Mandalorian
Explorer III
February 18, 2025
Solved

EMS server log to FortiAnalyzer (detail info)

  • February 18, 2025
  • 2 replies
  • 1597 views

Hello everyone,
I am sending the logs from our EMS server directly to our FAZ as the syslog server option.

I wanted to know if the logs sent from the EMS to a FortyAnalyzer are unencrypted or are they encrypted ?
From the EMS server GUI the commands are limited, is there a command from the CLI to possibly enable encryption of the logs sent to the FAZ ?

If so, is there anything else to configure on the FAZ side ?

 

EMS settings log.jpg





FortiAnalyzer #Forti EMS

Best answer by AEK

Hi Mandalorian

You can enable TLS encryption if you select TCP instead of UDP.

 

ems_faz_tls.png

May the force be with you.

2 replies

Anthony_E
Staff
Anthony_E
Staff
February 21, 2025

Hello Grogu :),


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
    AEK
    SuperUser
    AEKAnswer
    SuperUser
    February 21, 2025

    Hi Mandalorian

    You can enable TLS encryption if you select TCP instead of UDP.

     

    ems_faz_tls.png

    May the force be with you.

    AEK
      Mandalorian
      MandalorianAuthor
      Explorer III
      February 24, 2025

      Hi AEK!
      Thank you for the feedback the strange thing is that I cannot find this specific information in the various admin guides or Fortinet documentation could you kindly provide me with the link or documentation page that indicates this.


      THIS IS THE WAY.

      Mando

        AEK
        SuperUser
        AEK
        SuperUser
        February 24, 2025

        I think you are right, the only mention I found is here, but with very few details.

        https://docs.fortinet.com/document/forticlient/7.4.1/ems-administration-guide/55035

        AEK
          Terms & ConditionsAccessibility statement