Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
david_pereira
Staff
Staff

Created on ‎05-21-2023 09:58 PM Edited on ‎05-21-2023 09:58 PM By Community Manager

Article Id 257227

Technical Tip: How to send FortiClient logs to FortiAnalyzer

Description This article describes how to send logs from managed FortiClient endpoints to Fortianalyzer.
Scope FortiClient endpoints that are managed by EMS.
Solution

1) Access the EMS with admin privilege:

 

Img001.jpg

 

2) Go to Endpoint Profiles -> System Setting:

 

Img002.jpg

 

3) Select the desired profile and then select 'Edit':

 

Img003.jpg

 

4) Then scroll down to the Log part and select the option 'Upload Logs to FortiAnalyzer/FortiManager':

 

Img004.jpg

 

5) Select the desired logs.

6) It is possible to change the telemetry interval, which means the frequency at which the FortiClient will send the logs to the FortiAnalyzer.

 

Make sure to configure the FortiAnalyzer IP address or FQDN and port more below:

 

Img005.jpg

 

7) Then select 'Save' at the end.

 

After that, the logs will be sent to the FortiAnalyzer as well.
1237
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.