I know this was possible in older versions of the firmware, but I'm having issues getting my FortiGates to send data to both my syslog server and the FortiAnalyzer at the same time. Is it possible that the FortiGate isn't sending to the syslog because the FortiAnalyzer is configured with the Security Fabric turned up? I'm checking with the Linux admin of the syslog host to make sure he has port 514 open on it, but thought I'd check here to make sure it was still an option even though Fortinet removed the syslog option from the GUI. I configured it from the CLI and can ping the host from the FortiGate. Any help or tips to diagnose would be much appreciated. My FortiGate is a 600D running 6.4.12 build 2060.
    config log syslogd setting
        set status enable
        set server "172.16.50.214"
        set mode reliable
        set port 514
        set facility user
        set source-ip "172.16.50.2"
        set format default
        set priority default
        set max-log-rate 0
        set enc-algorithm disable
        set interface-select-method specify
        set interface "Amicus Servers"
    end

    config log syslogd filter
        set severity information
        set forward-traffic enable
        set local-traffic enable
        set multicast-traffic enable
        set sniffer-traffic enable
        set anomaly enable
        set voip enable
        set filter ''
        set filter-type include
    end
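An added example, not part of the original post: with `set mode reliable`, FortiOS sends syslog over TCP using RFC 6587 octet-counted framing, so the receiving host has to accept TCP on the configured port (514 here) and split messages by their length prefix. The Python decoder below shows that framing on the receiver side; the class name, the frame size cap and the sample log lines are constructed for illustration.

```python
"""Decode RFC 6587 octet-counted syslog frames ("<length> <message>"),
the TCP framing a receiver sees from a sender in reliable syslog mode."""


class OctetCountingDecoder:
    MAX_FRAME = 65536   # assumed cap so a bogus length prefix cannot exhaust memory
    MAX_PREFIX = 10     # a decimal length prefix is never longer than this

    def __init__(self):
        self._buf = bytearray()

    def feed(self, data: bytes) -> list:
        """Append bytes read from the socket; return all complete messages."""
        self._buf += data
        messages = []
        while True:
            space = self._buf.find(b" ")
            if space == -1:
                if len(self._buf) > self.MAX_PREFIX:
                    raise ValueError("no length prefix: stream is not octet-counted")
                break  # prefix itself is still incomplete
            prefix = bytes(self._buf[:space])
            if not prefix.isdigit():
                # Typical when the sender uses newline-delimited framing instead
                raise ValueError("no length prefix: stream is not octet-counted")
            length = int(prefix)
            if length == 0 or length > self.MAX_FRAME:
                raise ValueError(f"implausible frame length {length}")
            end = space + 1 + length
            if len(self._buf) < end:
                break  # wait for the rest of this message
            messages.append(bytes(self._buf[space + 1:end]))
            del self._buf[:end]
        return messages


def frame(msg: bytes) -> bytes:
    """Build one octet-counted frame (what the sender puts on the wire)."""
    return str(len(msg)).encode() + b" " + msg


# Constructed sample messages; PRI 14 = facility user (1) * 8 + severity info (6)
SAMPLE = [
    b'<14>date=2024-01-01 time=00:00:01 devname="FGT-EXAMPLE" type="traffic"',
    b'<14>date=2024-01-01 time=00:00:02 devname="FGT-EXAMPLE" type="event"',
]
```

A listener bound only to UDP 514 never sees this stream, and one expecting newline-delimited TCP syslog will misparse the leading length digits.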