Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Big_Abe
New Contributor

Syslog for Banned / Quarantined IP

Hey all, 

I have syslog configured and receiving all my data beautifully in GrayLog.

 

What I'm not getting, is any indicator that an IP has been added to Quarantine / Banned IP. 

FortiOS 5.6.5

 

I.E.  I received an IPS trigger today from 117.1.189.196, and all I see is the IPS event.  The IP is now in banned IP tab, but I want to set up a notification/report of these IPS whenever they are quarantined.  Is there a specific facility, or am I missing something?  

 

Thanks. 

FCNSP

-------------------------------------

"They have us surrounded again, those poor bastards."

-Unnamed Medic

FCNSP ------------------------------------- "They have us surrounded again, those poor bastards." -Unnamed Medic
0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors