Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MontanaMike
New Contributor III

Fortigate sending to Syslog AND FortiAnalyzer

I know this was possible in older versions of the firmware but I'm having issues getting my Fortigates to send data to both my syslog server and the FortiAnalyzer at the same time.  Is it possible that the FortiGate isn't sending to the syslog because the FortiAnalyzer is configures with the Security Fabric turned up?  I'm checking with the linux admin of the syslog host to make sure he has port 514 open on it but thought I'd check here to make sure it was still an option even though Fortinet removed the syslog option from the GUI.  I configured it from the CLI and can ping the host from the Fortigate.  Any help or tips to diagnose would be much appreciated.  My Fortigate is a 600D running 6.4.12 build 2060


config log syslogd setting
set status enable
set server "172.16.50.214"
set mode reliable
set port 514
set facility user
set source-ip "172.16.50.2"
set format default
set priority default
set max-log-rate 0
set enc-algorithm disable
set interface-select-method specify
set interface "Amicus Servers"
end

 

config log syslogd filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set anomaly enable
set voip enable
set filter ''
set filter-type include
end

-Mike

-Mike
10 REPLIES 10
yorge
New Contributor

is that possible to check the logs in forti analyser

Top Kudoed Authors