Hi,
I have configured Fortigate to send traffic logs to a remote syslog server.
The GUI displays the destination IP along with the corresponding domain correctly.
But only the 'dstip' is sent to syslog server, while the 'domain' is not included.
How can I send the 'domain' along with the 'dstip'?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I set below, then dst domain (as dstname field) is sent to syslog server well.
Thank you all.
conf log setting
set resolve-ip enable
end
This feature is only for Fortiget GUI
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-show-hostname-in-forward-traffic-lo...
Your syslog is receiving the raw log, IP should be resolved by that ssylog server.
Hi,
Please run this command in CLI:-
conf log gui-display
get
set resolve-hosts enable
end
I set below, then dst domain (as dstname field) is sent to syslog server well.
Thank you all.
conf log setting
set resolve-ip enable
end
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1669 | |
1082 | |
752 | |
446 | |
224 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.