Fortinet FortiGate - Syslog Setting and Syslog Filter
Please follow these instructions:
Step 1: Log in to your Fortinet FortiGate Admin portal and navigate to the CLI console.
Step 2: In your CLI Console execute these commands.
For Syslog Setting:
config log syslogd setting
set status enable
set server <IP address of the log collector>
set facility user
set source-ip <Firewall IP or DHCP server IP>
set port 10514
set mode reliable
set format default
end
For Syslog Filter:
config log syslogd filter
set anomaly enable
set forward-traffic enable
set local-traffic enable
set multicast-traffic disable
set netscan-discovery enable
set netscan-vulnerability enable
set severity warning
set sniffer-traffic enable
set voip disable
set ztna-traffic enable
end
NOTE: Please provide screenshots of the configurations after executing the commands.
For our integration we need the Server IP and Port number.
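To confirm on the log collector that the settings above took effect, the following added example (not part of the original instructions and not Fortinet code) splits a TCP receive buffer into messages and checks each message's syslog priority against `set facility user` and `set severity warning`. It assumes octet-counted framing (RFC 6587) on the TCP stream and that the priority header reflects the log level; the sample lines and all function names are constructed for illustration.

```python
import re

# Constructed sample messages (all field values are made up for illustration).
_M1 = (b'<12>date=2024-01-01 time=10:00:00 devname="FGT-LAB" type="traffic" '
       b'subtype="forward" level="warning" srcip=10.0.0.5 msg="Denied by policy"')
_M2 = (b'<14>date=2024-01-01 time=10:00:01 devname="FGT-LAB" type="traffic" '
       b'subtype="local" level="information" srcip=10.0.0.6')
# Assumption: each message arrives as "<length> <message>" (octet counting).
SAMPLE_STREAM = b"".join(b"%d %s" % (len(m), m) for m in (_M1, _M2))

KV = re.compile(r'([\w-]+)=(?:"([^"]*)"|(\S*))')

def split_frames(buf):
    """Split a TCP receive buffer into whole messages; return (messages, leftover)."""
    msgs = []
    while True:
        head, sep, rest = buf.partition(b" ")
        if not sep or not head.isdigit() or len(rest) < int(head):
            return msgs, buf  # incomplete frame: keep bytes for the next recv()
        n = int(head)
        msgs.append(rest[:n])
        buf = rest[n:]

def parse_message(raw):
    """Decode the <PRI> header and the key=value body of one log line."""
    m = re.match(rb"<(\d{1,3})>", raw)
    if not m:
        raise ValueError("missing syslog PRI header")
    pri = int(m.group(1))  # PRI = facility * 8 + severity
    body = raw[m.end():].decode("utf-8", "replace")
    fields = {k: q or u for k, q, u in KV.findall(body)}
    return {"facility": pri >> 3, "severity": pri & 7, "fields": fields}

def check_against_config(rec, facility=1, max_severity=4):
    """Compare a record with 'set facility user' (1) and 'set severity warning' (4)."""
    problems = []
    if rec["facility"] != facility:
        problems.append("facility %d, expected %d" % (rec["facility"], facility))
    if rec["severity"] > max_severity:
        problems.append("severity %d is below the configured threshold" % rec["severity"])
    return problems

if __name__ == "__main__":
    messages, leftover = split_frames(SAMPLE_STREAM)
    for raw in messages:
        rec = parse_message(raw)
        print(rec["fields"].get("subtype"), check_against_config(rec) or "ok")
```

A message flagged by `check_against_config` indicates that the syslog filter or facility on the firewall does not match the configuration shown above.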
Source Link Documentation for Syslog Setting:
https://docs.fortinet.com/document/fortigate/6.4.4/cli-reference/444620/config-log-syslogd-setting
Source Link Documentation for Syslog Filter:
https://docs.fortinet.com/document/fortigate/7.0.9/cli-reference/456620/config-log-syslogd-filter