EMS server log to FortiAnalyzer (detail info)

Mandalorian · ‎02-18-2025

Hello everyone,
I am sending the logs from our EMS server directly to our FAZ as the syslog server option.

I wanted to know if the logs sent from the EMS to a FortyAnalyzer are unencrypted or are they encrypted ?
From the EMS server GUI the commands are limited, is there a command from the CLI to possibly enable encryption of the logs sent to the FAZ ?

If so, is there anything else to configure on the FAZ side ?

FortiAnalyzer #Forti EMS

AEK · ‎02-21-2025

Hi Mandalorian

You can enable TLS encryption if you select TCP instead of UDP.

May the force be with you.

AEK

View solution in original post

Anthony_E · ‎02-20-2025

Hello Grogu :),

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Anthony-Fortinet Community Team.

AEK · ‎02-21-2025

Hi Mandalorian

You can enable TLS encryption if you select TCP instead of UDP.

May the force be with you.

AEK

Mandalorian · ‎02-24-2025

Hi AEK!
Thank you for the feedback the strange thing is that I cannot find this specific information in the various admin guides or Fortinet documentation could you kindly provide me with the link or documentation page that indicates this.

THIS IS THE WAY.

Mando

AEK · ‎02-24-2025

I think you are right, the only mention I found is here, but with very few details.

https://docs.fortinet.com/document/forticlient/7.4.1/ems-administration-guide/55035

AEK

Mandalorian · ‎02-25-2025

Thank you for the feedback it is a pity that the documentation on this point is very poor and not very detailed

Mando

EMS server log to FortiAnalyzer (detail info)

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website