Hello team,
I have successfully configured our main L3 switches to send Syslog to our centralized FortiSIEM log server, but with all of that done, nothing was discovered by the CMDB.
Below is the conf in the Cisco switch; the 64.55 is the IP address for the FortiSIEM.
Hi @Taher11
Actually, when you send syslog to SIEM, you don't have to do discovery. It should automatically add it. I suggest you open tcpdump; you can check if the log is coming to SIEM.
Exactly, @adem_netsys, but nothing was seen as syslog from that particular switch when running tcpdump on the FortiSIEM.
In this case, we can say that syslog is not going to SIEM. If there is an FW in between, you need to check the permissions there.