Created on
05-21-2023
09:58 PM
Edited on
06-15-2025
01:33 PM
By
Jean-Philippe_P
Description | This article describes how to send logs from managed FortiClient endpoints to FortiAnalyzer. |
Scope | FortiClient endpoints that are managed by EMS. |
Solution |
Access the EMS with admin privileges:
Go to Endpoint Profiles -> System Settings:
Select the desired profile and then select 'Edit':
Then scroll down to the Log part and select the option 'Upload Logs to FortiAnalyzer/FortiManager':
Select the desired logs. It is possible to change the telemetry interval, which means the frequency at which the FortiClient will send the logs to the FortiAnalyzer.
Make sure to configure the FortiAnalyzer IP address or FQDN and port below:
Select 'Save' at the end. After that, the logs will be sent to the FortiAnalyzer as well. By default, port 514-TCP is used; ensure to allow this communication in VIP and/or Firewall Policies. It can show logs related to FortiClient traffic, all events, and also will show vulnerability logs.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.