dirome
New Contributor II

Syslog

Hello,

 

For syslog configuration in FAZ, why is it necessary to configure system syslog and system aggregation-client?

What is their relation?

 

 

4 REPLIES
chall_FTNT
Staff

configure system syslog ... for sending local event logs

system aggregation-client (5.4 or earlier) ... for forwarding logs from another device

Chris Hall
Fortinet Technical Support
dirome
New Contributor II

Hi Chall,

 

When I configured just system syslog, I couldn't see traffic through the sniffer; I only saw traffic when I configured system aggregation-client. Why did that happen?

 

tsimeonov_FTNT

aggregation-client is intended to forward logs received by other logging devices such as FGT. system syslog is for sending local FAZ event logs to a syslog device. In your case, FAZ event logs may not occur as often as logs from other devices.

It may also need additional tuning of severity, etc. from the CLI:

config sys locallog syslogd filter
config sys locallog syslogd settings

dirome

Thanks everyone for your answers!
