Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
psalian
Staff
Staff

Created on ‎08-30-2018 05:09 AM Edited on ‎09-16-2024 09:15 AM By Moderator

Article Id 192587

Technical Tip: How to add a third party device to FortiAnalyzer (syslog server)

Description

 

This article describes the steps to add a third party device to FortiAnalyzer where FortiAnalyzer is the syslog server.

 

Scope

 

FortiAnalyzer.

Solution

 

It is not possible to add a third party device directly from FortiAnalyzer into the syslog ADOM.

This is due to the way the serial number is stored under the syslog ADOM. If the device is added from FortiAnalyzer, FortiAnalyzer would not recognize the serial number and would provide the following error:

 

The device's serial number does not match database

 

Steps to add the device to FortiAnalyzer:

 

  1. On the Third party device, add FortiAnalyzer as a syslog server. Configure it to send logs to FortiAnalyzer.
  2. On FortiAnalyzer, the device will show up under unregistered devices. Right-click on it, promote it, and add it under Syslog ADOM.
  3. Enter Syslog ADOM to see the device added in there.

 

Related articles:

12266
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.