Help
FortiSIEM Discussions
adem_netsys
Contributor

Created on ‎12-05-2023 05:45 AM

Send syslog different port number

Hi,

We will send logs to FortiSiem from a device, but the default syslog ports are udp 9500. We were always collecting logs with the default 514 port. Is it possible to make this change?

Labels:
192
0 Kudos
2 REPLIES 2
Secusaurus
Contributor

Created on ‎12-05-2023 07:10 AM

Hi adem_netsys,

 

You can get the idea with the documentation for TCP, see here.

In general, you should have a look into the phoenix_config.txt file of your supervisor/collector. In there, you will find on which ports it should listen for which types for events. If you are using udp 9500 only, you can change the value directly. Otherwise, you might have to add it. If you need more assistance than my general information here, feel free to ask and I will look into the exact lines and syntax of the file.

 

Best,

Christian

FCP & FCSS Security Operations | Fortinet Advanced Partner
FCP & FCSS Security Operations | Fortinet Advanced Partner
169
0 Kudos
mnovelli
Staff
Staff

Created on ‎04-12-2024 12:56 AM

Hi @adem_netsys take a look to this article:

https://community.fortinet.com/t5/FortiSIEM/Technical-Tip-Modify-Collectors-default-listening-port-n...

 

Let me know if you have any doubt.

 

 

55
0 Kudos
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.