Skip to main content
bademeister
bademeister
New Member
July 2, 2019
Question

Encrypted Syslog Forwarding

  • July 2, 2019
  • 1 reply
  • 4342 views

Hi,

we're trying to forward logs from a Fortianalyzer system to a linux server. Is it possible to do so in a secure manner? We'd like to send the logs over an encrypted connection and possibly authenticate both linux server and Fortianalyzer.

Our firmware version is v5.6.8.

 

Cheers,

Bademeister

    1 reply

    brazz_FTNT
    Staff
    brazz_FTNT
    Staff
    July 2, 2019

    Hey Bademeister, 

     

    FAZ can forward logs to 3 types of Forwarding Server:

    [ul]
  • Another FAZ
  • Syslog
  • CommonEventFormat(CEF)[/ul]

    Perhaps you can try using the Syslog option.

    regarding the encryption, if "Reliable Connection" is enabled this force FAZ to send the logs encrypted and use TCP method.

    let me know how it goes.

    Thanks

     

     

     

    • emnoc
    emnoc
    New Member
    July 2, 2019

    Short answer no. If you want to setup a ipsec-tunnel you could send the logs  and have encryption.

     

    Terms & ConditionsAccessibility statement