Help
FortiSIEM Discussions
AliMhaerFathy
New Contributor III

Created on ‎11-16-2024 09:15 AM

Integrate FortiSIEM-Cisco WSA/ESA

Hello,

 

We need to integrate FortiSIEM-Cisco WSA/ESA through Syslog as per the official documents:

 

2024-11-14_150536.png

2024-11-14_150642.png

 

As we should call Log Name: IronPort-Mail OR IronPort-Web; we cant add another entry (Duplicate).

 

WhatsApp Image 2024-11-14 at 15.45.21_bbae94fc.jpgWhatsApp Image 2024-11-14 at 16.04.48_b6e189ed.jpg

 

So, we need to know the Log type and the corresponding facility to send the concerned security logs.

 

Thanks in advance!

Labels:
336
0 Kudos
1 REPLY 1
premchanderr
Staff & Editor
Staff & Editor

Created on ‎07-07-2025 08:58 PM

Hi @AliMhaerFathy ,

FortiSIEM can receive Syslog with any facility set from sending device configuration without any filters or log types. So, there would be no specification available from FortiSIEM side, but you can select both the parameters from Cisco device and send syslog accordingly.

 

Do note that depending on raw log and data parsed you might have to write a custom parser. 

Regards,
Prem Chander R
95
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.