- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- FAZ and Syslog server
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FAZ and Syslog server
Hello guys
For a while I used FAZ to get the information from our FGT and reports, but the cost is relevant and then some questions have arisen.
The Syslog server has only the function of storing the data and FGT would not query this Syslog data, right?
Can we use the Syslog server to receive the data by hosting in a database so that we can make selects to extract information and thus to stop using the FAZ?
Which Syslog server would you indicate for this purpose and which can be used with FGT and other network assets?
Have you ever used any tool like Power BI to extract information instead of using FAZ?
Thank you for your support!
Hugs
Solved! Go to Solution.
2 Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The Syslog server has only the function of storing the data and FGT would not query this Syslog data, right?
Correct
Can we use the Syslog server to receive the data by hosting in a database so that we can make selects to extract information and thus to stop using the FAZ?
Correct
Which Syslog server would you indicate for this purpose and which can be used with FGT and other network assets?
You have many to use splunk is good , loggly is great , Alertlogic, and papertrails is ideal ( I'm using the latter in a few FGT/PANOS deployments for analysis and it works great for writing log triggers or "alerts" )
Have you ever used any tool like Power BI to extract information instead of using FAZ?
NO , see the above suggestions and review them.
A 3rd option if a remote-logging service solutions are pricey; is to build a log-server that inject the log messages into a sql database and then build a interface to SELECT FROM on the fields and and log-type. I have a business partner that could do this for you , contact me via PM and I will refer you to them.
Ken
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No it's not a issue and can be over come. Also you have a host of other support types CEF or Brief and CSV format. Splunk and syslog-ng for example has modules or addons for CEF format and others formats
http://socpuppet.blogspot.com/2017/08/fortios-cef-formatted-logs.html
http://socpuppet.blogspot.com/2018/03/fortios-logging-bried.html
You will have to test your support and what you need
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The Syslog server has only the function of storing the data and FGT would not query this Syslog data, right?
Correct
Can we use the Syslog server to receive the data by hosting in a database so that we can make selects to extract information and thus to stop using the FAZ?
Correct
Which Syslog server would you indicate for this purpose and which can be used with FGT and other network assets?
You have many to use splunk is good , loggly is great , Alertlogic, and papertrails is ideal ( I'm using the latter in a few FGT/PANOS deployments for analysis and it works great for writing log triggers or "alerts" )
Have you ever used any tool like Power BI to extract information instead of using FAZ?
NO , see the above suggestions and review them.
A 3rd option if a remote-logging service solutions are pricey; is to build a log-server that inject the log messages into a sql database and then build a interface to SELECT FROM on the fields and and log-type. I have a business partner that could do this for you , contact me via PM and I will refer you to them.
Ken
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ken, I thought there was an issue with Fortinet using non-standard / extended syslog formats, that the various syslog servers had problems with. Is this no longer an issue?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No it's not a issue and can be over come. Also you have a host of other support types CEF or Brief and CSV format. Splunk and syslog-ng for example has modules or addons for CEF format and others formats
http://socpuppet.blogspot.com/2017/08/fortios-cef-formatted-logs.html
http://socpuppet.blogspot.com/2018/03/fortios-logging-bried.html
You will have to test your support and what you need
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Great info, thanks!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have a short list of the finest free of cost SYSLOG Server Softwares here for the convenience of our users. Well! there are different kinds of free and paid software available in the market. You can browse and find out the best one. Here i like to talk about some software like Syslog Watcher is amazing software for handling log events that feature a multi-threaded design for improved performance. It means to say that the course of gathering logs and treating them is diverse and that’s why one does not restrict with the other. Because of it you are guaranteed that all events from all your devices are logged to the server. So in case you need to go in detail then you can go for this link https://appuals.com/the-5-best-free-syslog-server-softwares/ and find out a lot more.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hmm not familiar with FAZ. Whether you store to syslog files or a database you would need to extract the data, for a database importing and extraction of syslog data can be complicated. we use a syslog server forwarding to graylog. I think Elasticsearch Logstash and Kibana (ELK) may be viable also but a bit more complicated that graylog and standard syslog.
Served 1,000,000 burgers
Served 1,000,000 burgers
Related Posts
- ZTNA not working. Help please. 16 Views
- FortiClient EMS Server update port only... 56 Views
- Create branch office VPN so that... 88 Views
- User Getting The server you want... 103 Views
- Automatically Ban Malicious Inbound IPs using... 83 Views
Labels
-
FortiGate
6,456 -
FortiClient
1,290 -
5.2
801 -
5.4
639 -
FortiManager
562 -
6.0
416 -
FortiAnalyzer
410 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
68 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
BGP
11 -
DNS
11 -
Interface
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.