Im hoping for a solution here, I have three AWS fortigate firewalls setup they are v5.4.4,build1117 (GA).
I am trying to send the System Event log from these machines to our Logrhythm Servers, for correlation and reporting.
I seem to have hit a barrier here as some data seems to come out like failed logins but just about everything else is missing
no info on policy changes or successful logins,
I am no firewall specialist but I know a little (often dangerous), any help on how to get this working would be great,
thanks all Martin