Description
This article describes how to configure FortiWeb to send logs to FortiAnalyzer.
Solution
1. In FortiWeb, create a FortiAnalyzer Policy.
This will define where the FortiAnalyzer is located.
The policy name can be a numerical value or text.
The IP address of the FortiAnalyzer must also be set here.
For example:
This article describes how to configure FortiWeb to send logs to FortiAnalyzer.
Solution
1. In FortiWeb, create a FortiAnalyzer Policy.
This will define where the FortiAnalyzer is located.
The policy name can be a numerical value or text.
The IP address of the FortiAnalyzer must also be set here.
For example:
config log fortianalyzer-policy2. In FortiWeb, apply the policy.
edit "0"
set ip-address 192.168.88.87
next
end
Define the level of logs that will be sent to the FortiAnalyzer and which FortiAnalyzer policy to use:
The policy is set as "0", which is the policy created in the previous step.
3. In FortiAnalyzer, enable the FortiWeb ADOM.
config log forti-analyzerIn this example, the severity is set to DEBUG. This will send the highest level of logs to the FortiAnalyzer.
set severity debug
set fortianalyzer-policy 0
end
The policy is set as "0", which is the policy created in the previous step.
3. In FortiAnalyzer, enable the FortiWeb ADOM.
To be able to receive logs on the FortiAnalyzer, you must enable
ADOMs in order to make the FortiWeb ADOM available. By default,
there is only a FortiGate ADOM.
![rm017.PNG rm017.PNG](/t5/image/serverpage/image-id/937iA914BA0D662BA455/image-size/large?v=v2&px=999)
Log out and log back in. A reboot is not required.
4. In FortiAnalyzer, add FortiWeb to FortiWeb ADOM.
![rm018.PNG rm018.PNG](/t5/image/serverpage/image-id/2184iA82366129038BB3F/image-size/large?v=v2&px=999)
Go to Device Manager > Unregistered Devices.
Select the FortiWeb device in the list, then select the FortiWeb ADOM from the drop-down list.
Log out and log back in. A reboot is not required.
4. In FortiAnalyzer, add FortiWeb to FortiWeb ADOM.
Go to Device Manager > Unregistered Devices.
Select the FortiWeb device in the list, then select the FortiWeb ADOM from the drop-down list.
> Go.
![rm019b.PNG rm019b.PNG](/t5/image/serverpage/image-id/853i36AB6AF8A896CF4D/image-size/large?v=v2&px=999)
End result: the FortiWeb can be found in the Device List (Device & Groups > FortiWeb > All FortiWebs).
In the above example two FortiWebs have been assigned to the FortiWeb ADOM.
End result: the FortiWeb can be found in the Device List (Device & Groups > FortiWeb > All FortiWebs).
In the above example two FortiWebs have been assigned to the FortiWeb ADOM.