FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
Stelios_FTNT
Staff
Article Id 197770

Description

This article explains how to enable encryption of the logs sent from a FortiAnalyzer to a Syslog/FortiSIEM server.


Solution

Before FortiAnalyzer 6.0.0 GA, it was not possible to encrypt the logs transmitted from FortiAnalyzer to a Syslog/FortiSIEM server.

FortiAnalyzer 6.0.0 GA introduces a new CLI parameter that allows encrypted transmission of the logs from FortiAnalyzer to FortiSIEM:

# set fwd-secure
disable    Disable TLS/SSL secured reliable logging.
enable     Enable TLS/SSL secured reliable logging.

config system log-forward
    edit 1
        set fwd-server-type syslog
        set fwd-reliable enable
        set fwd-secure enable
    next
end
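To confirm that every syslog forwarding entry in a saved configuration carries the settings shown above, a small offline audit can parse the log-forward table and list what each entry is missing. This is an added example, not Fortinet code; the sample configuration is constructed, the function names are hypothetical, and a setting absent from the file is assumed to mean disabled.

```python
# Constructed sample in FortiAnalyzer CLI syntax (not from a real device).
SAMPLE_CONFIG = """\
config system log-forward
    edit 1
        set fwd-server-type syslog
        set fwd-reliable enable
        set fwd-secure enable
    next
    edit 2
        set fwd-server-type syslog
        set fwd-reliable enable
    next
end
"""
REQUIRED = ("fwd-reliable", "fwd-secure")  # both enabled in the article's config

def parse_log_forward(text):
    """Return {entry id: {setting: value}} from 'config system log-forward'."""
    entries, current, depth = {}, None, 0
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        if tok[0] == "config":
            # depth 1 is the log-forward table; deeper levels are nested sub-tables
            if depth or tok[1:] == ["system", "log-forward"]:
                depth += 1
        elif tok[0] == "end" and depth:
            depth -= 1
        elif depth == 1 and tok[0] == "edit" and len(tok) > 1:
            current = entries.setdefault(tok[1], {})
        elif depth == 1 and tok[0] == "next":
            current = None
        elif depth == 1 and tok[0] == "set" and current is not None and len(tok) > 2:
            current[tok[1]] = " ".join(tok[2:])
    return entries

def audit(text):
    """Map each syslog entry id to the REQUIRED settings it does not enable."""
    # Assumption: a setting absent from the config counts as 'disable'.
    return {
        entry_id: [k for k in REQUIRED if cfg.get(k, "disable") != "enable"]
        for entry_id, cfg in parse_log_forward(text).items()
        if cfg.get("fwd-server-type") == "syslog"
    }

if __name__ == "__main__":
    for entry_id, missing in audit(SAMPLE_CONFIG).items():
        print(f"log-forward entry {entry_id}:", "TLS enabled" if not missing else f"not enabling {missing}")
```

An empty list for an entry means it matches the configuration in this article; any listed setting marks an entry whose logs would leave FortiAnalyzer without TLS.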