Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

New Contributor

Events from FortiGate to Splunk

I currently have a FortiGate reporting events to Splunk through a TCP port: 601 (Reliable) and I getting some weird events that look like the following:

RPY 0 0 . 0 52
Content-type: application/beep+xml

They look like some sort of configuration information. When I set up the FortiGate to send logs to a UDP port like 514, I receive data that is more understandable.

Does anybody know why do the events look like this in a TCP port?


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.