FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 191694


This article describes how to send logs to FortiCloud.


Activate Forticloud:

Go to System -> FortiGuard and under FortiGate Cloud select 'Activate'.
Registered Email will be pre-filled ,fill empty fields and enable 'Send logs to Fortigate Cloud' then select 'OK'.
Go to Log and Report -> Log Settings, enable Cloud Logging select FortiGate Cloud as 'Type' then select 'Apply'.


For FortiOS 7.2.x and above, go to Security Fabric -> Fabric Connector -> Logging & Analytics -> Cloud logging -> FortiGate Cloud


Also in case of multiple ISP or SDWAN connection source IP and interface may be required to add.


config log fortiguard setting
    set status enable
    set access-config enable
    set ssl-min-proto-version default
    set source-ip  [it should be one of the WAN interface IP]
    set interface-select-method auto [auto|sdwan|specify <----- Incase of specify need to select this option "set interface WAN_INTERFAC_PORT_Number"]
    set upload-option realtime
    set priority default
    set max-log-rate 0
    set enc-algorithm high
    set conn-timeout 10



If there is an upstream firewall, the following ports need to be allowed for the FortiGate Cloud connection to work properly.

Refer to :

Outgoing Ports


  1. TCP/443 for Registration, Quarantine, Log and report, Syslog, and Contract Validation.
  2. TCP/514 for OFTP.
  3. TCP/541 for Management.