Technical Tip: How to send logs to FortiCloud

vchauhan · ‎12-07-2016

Description

This article explains how to use FortiCloud, an online logging service provided by Fortinet, to store the logs of the traffic from a FortiGate unit.

Scope

FortiGate-Cloud.

Solution

Activating FortiCloud:
Go to System -> Dashboard -> Status and locate the License Information widget. In the FortiCloud section, select Activate.

Use either an existing FortiCloud account or create a new one. Creation of a new FortiCloud account is explained in the related KB article.

Information about your FortiCloud account now appears in the License Information widget.

Sending logs to FortiCloud:

For v6.4.x and v7.0.x, go to Log & Report -> Log Config -> Log Settings, enable Send Logs to FortiCloud, and ensure that the Upload Option is set to Realtime.
For v7.4.x and v7.6.x and above, go to Security Fabric -> Fabric connector -> Logging & Analytics, select that, select edit and select 'Cloud Logging'.

Activate logging by using the username and password:

Select Test Connectivity to verify the connection between the FortiGate and FortiCloud. Adjust the Event Logging settings as required and set the GUI Preferences to Display Logs from FortiCloud.

Enabling logging in the Internet access security policy:
Go to Policy & Objects > Policy -> IPv4 and edit the policy that allows connections from the internal network to the Internet. Scroll down to view the Logging Options.

To view the results later, enable Log Allowed Traffic and select All Sessions.

Results:
Go to Log & Report -> Traffic Log -> Forward Traffic. In the top right corner of the screen, the Log location is shown as FortiCloud.

Related article:

Technical Note: How to register and activate a FortiCloud account

Technical Tip: How to send logs to FortiCloud

You are leaving our website