- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monitoring FortiGuard status
We have had a few issues with connections to FortiGuard. Recently we had to revert to default HTTPS/443 communication, after the UDP/53 we used as a workaround for previous issues became broken for unknown reason.
We have now activated the 'Allow websites when a rating error occurs' option, and would like to add the FortiGuard status of all of our FGT's in our monitoring tool. I can't seem to find any related OID though, does somebody have suggestions how to tackle this?
(ticket ongoing concerning the issue with TAC, but I'm not very confident in a permanent solution)
Solved! Go to Solution.
- Labels:
-
FortiGate
-
FortiGuard
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Olimmu , there are two sys events related to web filter that may have relationships with your need. Didn't try them but I think you should try explore them with automation stitch or with syslog.
12558 - LOG_ID_URL_FILTER_RATING_ERR
12800 - LOG_ID_WEB_FTGD_ERR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are transitioning all our customers from Symantec endpoint to Kaspersky endpoint (centrally managed by us) and I'm struggling with connecting the network agents... with the Watchguard is very easy, traffic monitor -> filter by test machine IP, send an heartbeat with the Kaspersky utility, wait for the red entries, make a list of ports and protocols. Make the necessary outgoing exceptions and everything works!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Olimmu , there are two sys events related to web filter that may have relationships with your need. Didn't try them but I think you should try explore them with automation stitch or with syslog.
12558 - LOG_ID_URL_FILTER_RATING_ERR
12800 - LOG_ID_WEB_FTGD_ERR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Olimmu.,
You can use automation stitch to trigger an email alert when the connection to FortiGuard is down. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-an-automation-stitch-to-g...
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are two other sys events that may help.
32231 - LOG_ID_RESTORE_FGD_SVR_FAIL
32204 - LOG_ID_RESTORE_FGD_SVR
I didn't test them, just double check before use.
