- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to configure syslog to use "Threat Weight" on FortiManager
Our FTM is running 7.2.2 and our FTG's are running 7.2.4. These are relatively new installations, and we're trying to trim the amount of syslog traffic to our SIEM. On the FTM at Device Manager > [FortiGate] > Log & Report > Threat Weight, there are several security settings. I don't see where to apply these to the syslog settings, nor can I find any documentation to do so. The "Log Threat Weight" is enabled. We do not have FortiAnalyzer. Is there a way to configure syslog to send security-related info that can be ingested into our SIEM without having a bunch of extra fluff? Thanks
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't believe Threat Weight is what you want here.
What you want is to filter your FortiGate logs that are being sent to your SIEM.
Graham
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't believe Threat Weight is what you want here.
What you want is to filter your FortiGate logs that are being sent to your SIEM.
Graham
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK. That's what we are doing right now. I think on a previous version of code, I saw something with SIEM in the logging configuration. Could be mistaken. Thanks for your input.
