FortiSIEM Discussions
adem_netsys
Contributor

Send syslog different port number

Hi,

We will send logs to FortiSiem from a device, but the default syslog ports are udp 9500. We were always collecting logs with the default 514 port. Is it possible to make this change?

2 REPLIES 2
Secusaurus
Contributor II

Hi adem_netsys,

 

You can get the idea with the documentation for TCP, see here.

In general, you should have a look into the phoenix_config.txt file of your supervisor/collector. In there, you will find on which ports it should listen for which types for events. If you are using udp 9500 only, you can change the value directly. Otherwise, you might have to add it. If you need more assistance than my general information here, feel free to ask and I will look into the exact lines and syntax of the file.

 

Best,

Christian

FCP & FCSS Security Operations | Fortinet Advanced Partner
FCP & FCSS Security Operations | Fortinet Advanced Partner
mnovelli
Staff
Staff

Hi @adem_netsys take a look to this article:

https://community.fortinet.com/t5/FortiSIEM/Technical-Tip-Modify-Collectors-default-listening-port-n...

 

Let me know if you have any doubt.

 

 

Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"