Description
This article describes how to connect FortiWeb to a FortiAnalyzer Device or VM.
Scope
FortiWeb and FortiAnalyzer.
Solution:
On the FortiWeb:
- Configure FortiWeb with FortiAnalyzer IP.
- Go to Log & Report -> Log Policy -> FortiAnalyzer Policy.
- Create a new policy.
- Set Name.
- Set FortiAnalyzer IP.
- Select 'OK'.
-
Configure FortiAnalyzer Log Settings.
- Go to Log & Report -> Log Config -> Global Log Settings.
- Enable the FortiAnalyzer [Checkbox].
- Specify 'Log Level' as 'Information'.
- Specify 'FortiAnalyzer Policy' as 'FAZ' [The name FortiAnalyzer policy created in the previous step].
- Select 'Apply'.
On the FortiAnalyzer.
- ADOM Configuration.
- Go to Root-ADOM -> Device Manager -> Unregistered device ->
- After selecting 'OK' the device will be added, verify the status and select 'CLOSE'.
- Login to the FortiWeb ADOM:
There is another option to aggregate FortiWeb to FortiAnalyzer.
- Creating New ADOM.
- Go to System Settings -> ADOMs -> Create New.
- Set Name.
- Select Type: FortiWeb.
- Keep all other settings with Default Values.
- Select 'OK'.
-
Change to New FortiWeb ADOM to aggragate FortiWeb.
- Go to Dashboard -> Select the ADOM Button.
- Select New FortiWeb ADOM created.
-
Configure FortiWeb in FortiAnalyzer -> Device Manager.
- Go to Device Manager.
- Select: Add Device.
- Set Name.
- Select Link Device by: Serial Number.
- Set FortiWeb Serial Number.
- Select FortiWeb Device Model.
- Select 'Next'.
- A New Database is created and FortiWeb will be aggregated.
- Select 'Next' to finish.
- It is possible to see the wrong Version and Model, it is normal, FortiAnalyzer and FortiWeb need to complete the synchronization.
- After a few seconds, it it possible to see FortiWeb's correct information.