FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes how to encrypt logs before sending them to a Syslog server.
Scope
FortiGate.
Solution
Use following CLI commands:
config log syslogd setting set status enable
set mode reliable
end
It is necessary to Import the CA certificate that has signed the syslog SSL/server certificate. Once it is imported: under the System -> Certificate -> remote CA certificate section, the same one will be used by the Firewall to validate the server certificate during the TLS/SSL handshake.
config log syslogd setting
set enc-algorithm high-medium/high/low
set certificate “ “ <- It is only necessary to map the local SSL certificate if the server requires client certificate verification. If the server is not configured for client certificate authentication/validation, it will be necessary to leave this field as blank (default).
