FortiAnalyzer
smkml
Staff
Article Id 229732
Description

 

This article describes how to integrate FortiAuthenticator with FortiAnalyzer so that FortiAuthenticator logs can be viewed in FortiAnalyzer.

 

Scope

 

FortiAuthenticator and FortiAnalyzer 

 

Solution

 

Check that the FortiAuthenticator version and model are supported in these related documents:

https://docs.fortinet.com/document/fortianalyzer/7.2.1/release-notes/254858/fortiauthenticator

https://docs.fortinet.com/document/fortianalyzer/7.2.1/release-notes/663286/fortiauthenticator-model...

 

Make sure there is no connectivity issue between the two devices, and that UDP port 514 is open on any device in between:

https://docs.fortinet.com/document/fortianalyzer/7.2.0/fortianalyzer-ports/290737/incoming-ports
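One way to check the UDP 514 path from a host on the same network segment as FortiAuthenticator (an added example, not part of the original article and not Fortinet tooling; the function name `probe_udp`, the test payload and the address 192.0.2.10 are placeholders). Syslog over UDP is never acknowledged, so the only definite answer is an ICMP port-unreachable error; silence means the datagram was either accepted or dropped by a filter and must be confirmed on the FortiAnalyzer side.

```python
import socket


def probe_udp(host, port=514, timeout=2.0, payload=b"<14>udp-514-path-test"):
    """Send one datagram and classify the path by what comes back.

    'closed'           - ICMP port unreachable returned: nothing listens there
    'open_or_filtered' - silence: a listener took it, or a firewall dropped it
    'open'             - the peer answered (not expected from a syslog receiver)
    'unreachable'      - no route, or host/network unreachable
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            # A connected UDP socket is required for the kernel to report
            # ICMP errors back to this socket.
            s.connect((host, port))
            s.send(payload)
            # Syslog never replies; we only wait to see whether an ICMP
            # error arrives before the timeout.
            s.recv(1024)
        except ConnectionRefusedError:
            return "closed"
        except socket.timeout:
            return "open_or_filtered"
        except OSError:
            return "unreachable"
        return "open"


if __name__ == "__main__":
    # Placeholder address (documentation range); replace with the
    # FortiAnalyzer IP configured in Log Settings.
    print(probe_udp("192.0.2.10", 514))
```

A result of `closed` points to the wrong IP or a collector that is not listening; `open_or_filtered` does not prove delivery, so check for incoming logs on FortiAnalyzer.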

 

Set the IP address of FortiAnalyzer/FortiManager in Log Settings.

 


 

Authorize the device in FortiAnalyzer and select the FortiAuthenticator ADOM (ADOMs need to be enabled).

 


 

FortiAuthenticator generates only Event-type logs, and these are the logs it sends to FortiAnalyzer.
