All of our customer firewalls are logging to FortiAnalyzer for research/analytics. We've also had many of these firewalls logging to syslog for the managed SOC. However, it seems like recently, if logging to FortiAnalyzer is enabled, syslog stops working, even though it's configured in the UI.
Perhaps I'm missing something? It's possible that it hasn't worked in a while and we just didn't notice.
Hi Team,
Could you please execute this command: "diag sniffer packet any 'host a.b.c.d' 4 0 a" (where a.b.c.d is the syslog server IP).
Also, please let us know where the syslog server is located.
Please share these logs with us.
One option that you might want to investigate is to use the FAZ to forward logs to the syslog server in the managed SOC.
If the SOC syslog supports TCP, the FAZ will be able to cache the logs if there is a connectivity problem between itself and the syslog server.
You can also specify which devices the logs will be forwarded for.