Skip to main content
kimsw
kimsw
Visitor III
October 17, 2024
Solved

How to send destination domain to remote syslog server from Fortigate?

  • October 17, 2024
  • 3 replies
  • 1622 views

Hi,

I have configured Fortigate to send traffic logs to a remote syslog server.

The GUI displays the destination IP along with the corresponding domain correctly.

But only the 'dstip' is sent to syslog server, while the 'domain' is not included.

How can I send the 'domain' along with the 'dstip'?

Best answer by kimsw

I set below, then dst domain (as dstname field) is sent to syslog server well.

Thank you all.

 

conf log setting
    set resolve-ip enable
end

3 replies

Mrinmoy
Staff
Mrinmoy
Staff
October 18, 2024

This feature is only for Fortiget GUI

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-show-hostname-in-forward-traffic-log/ta-p/218709

Your syslog is receiving the raw log, IP should be resolved by that ssylog server.

    rahul_p1
    Staff
    rahul_p1
    Staff
    October 18, 2024

    Hi,

     

    Please run this command in CLI:- 

    conf log gui-display
    get
        set resolve-hosts enable 

    end 

     

    kimsw
    kimswAuthorAnswer
    Visitor III
    October 18, 2024

    I set below, then dst domain (as dstname field) is sent to syslog server well.

    Thank you all.

     

    conf log setting
        set resolve-ip enable
    end

    Terms & ConditionsAccessibility statement