Hi All,
I'm trying to find out how to configure our FG100D (6.2.14-FW-build1364-230411) to send to our Syslog Server (ELK) just every 5 mins. There is no option in the WebUI or even in the CLI to configure this. Is there any way to do this? All I can see is in the FortiAnalyzer option.
Thank you.
Oliver
Hello @olivern4 ,
Syslog is an instant protocol, so unlike FortiAnalyzer, there is no store-and-forward option on the FortiGate.
Created on 08-19-2024 05:02 AM Edited on 08-19-2024 05:07 AM
Hi @ozkanaltas
Thank you for the response.
Meaning there is no way to do this? Okay. Can I just use the FortiAnalyzer option instead as the Syslog? I will just add the IP address of the ELK server, right?
Thank you.
Oliver
Hello Oliver,
You can get a FortiAnalyzer/FortiAnalyzer Cloud license and then configure that on the FortiGate to send logs to FortiAnalyzer every 5 minutes.
But you cannot use the ELK server IP to configure FortiAnalyzer, because when you configure FortiAnalyzer it will be configured in the Security Fabric, which uses a separate daemon/ports to forward logs to FortiAnalyzer.
Hi @SonaMuvv
Thank you.
Oliver
Copyright 2024 Fortinet, Inc. All Rights Reserved.