Our FTM is running 7.2.2 and our FTG's are running 7.2.4. These are relatively new installations, and we're trying to trim the amount of syslog traffic to our SIEM. On the FTM at Device Manager > [FortiGate] > Log & Report > Threat Weight, there are several security settings. I don't see where to apply these to the syslog settings, nor can I find any documentation to do so. The "Log Threat Weight" is enabled. We do not have FortiAnalyzer. Is there a way to configure syslog to send security-related info that can be ingested into our SIEM without having a bunch of extra fluff? Thanks
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't believe Threat Weight is what you want here.
What you want is to filter your FortiGate logs that are being sent to your SIEM.
I don't believe Threat Weight is what you want here.
What you want is to filter your FortiGate logs that are being sent to your SIEM.
OK. That's what we are doing right now. I think on a previous version of code, I saw something with SIEM in the logging configuration. Could be mistaken. Thanks for your input.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1640 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.