Description | This article describes how to configure CrowdStrike FortiGate data ingestion. |
Scope | FortiGate v7.2 or later. |
Solution |
FortiGate can send logs to a third-party log server over syslog. A Linux-based syslog server can be configured in FortiGate to integrate with CrowdStrike.
config log syslogd setting
    set status enable
    set server "192.168.10.10"    <----- Syslog server.
    set mode udp
    set port 514
    set facility syslog
    set source-ip ''
    set format default
    set priority default
    set max-log-rate 0
    set interface-select-method auto
end
Users can customize the syslog severity level from the CLI:
config log syslogd filter
    show full
Users can choose to send all logs or customize which logs are sent by navigating to Log & Report -> Log Settings.
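To confirm on the Linux syslog server that what arrives matches the settings above, the following added example (not Fortinet or CrowdStrike code) decodes the syslog PRI header and the default-format key=value fields, then counts usable records per severity. It assumes the standard syslog facility code 5 for "set facility syslog"; the required-field set and the sample payloads are constructed for illustration.

```python
import re

# Syslog PRI = facility * 8 + severity (RFC 3164 / RFC 5424 numbering).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "information", "debug"]
FACILITY_SYSLOG = 5                      # standard code for the "syslog" facility
REQUIRED = {"devid", "type", "level"}    # assumption: fields a usable record carries
PRI_RE = re.compile(r"^<(\d{1,3})>")
# key=value pairs; quoted values may contain spaces and '=' characters.
KV_RE = re.compile(r'(?<!\S)(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S*))')

def parse_fortigate_syslog(datagram: bytes) -> dict:
    """Decode one UDP syslog payload in the default key=value format."""
    text = datagram.decode("utf-8", errors="replace").strip()
    m = PRI_RE.match(text)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or invalid PRI header")
    facility, severity = divmod(int(m.group(1)), 8)
    fields = {k: quoted or bare for k, quoted, bare in KV_RE.findall(text[m.end():])}
    missing = REQUIRED - fields.keys()
    if missing:
        raise ValueError(f"missing fields: {sorted(missing)}")
    return {"facility": facility, "severity": SEVERITIES[severity], "fields": fields}

def summarize(datagrams, expected_facility=FACILITY_SYSLOG) -> dict:
    """Count usable records per severity; flag junk and unexpected facilities."""
    report = {"ok": 0, "rejected": 0, "wrong_facility": 0, "by_severity": {}}
    for d in datagrams:
        try:
            rec = parse_fortigate_syslog(d)
        except ValueError:
            report["rejected"] += 1
            continue
        if rec["facility"] != expected_facility:
            report["wrong_facility"] += 1
            continue
        report["ok"] += 1
        sev = rec["severity"]
        report["by_severity"][sev] = report["by_severity"].get(sev, 0) + 1
    return report

# Constructed sample payloads (not captured from a real device).
SAMPLES = [
    b'<45>date=2024-05-01 time=10:15:02 devname="FGT-LAB" devid="FGT-EXAMPLE-0001" '
    b'type="traffic" subtype="forward" level="notice" srcip=10.0.0.5 action="accept"',
    b'<44>date=2024-05-01 time=10:15:07 devname="FGT-LAB" devid="FGT-EXAMPLE-0001" '
    b'type="event" subtype="system" level="warning" msg="login failed, reason=bad password"',
    b'<189>date=2024-05-01 time=10:15:09 devid="FGT-EXAMPLE-0002" type="event" level="notice"',
    b'not a syslog line',
]
```

A non-zero "wrong_facility" or "rejected" count points to a sender that is not using the configuration above or to unrelated traffic on UDP 514, both worth checking before the data is forwarded for ingestion.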
|
Copyright 2024 Fortinet, Inc. All Rights Reserved.