
Configuring the Syslog Service on Fortinet devices

To configure the Syslog service on your Fortinet devices, follow the steps given below:

  1. Log in to the Fortinet device as an administrator.
  2. Define the Syslog servers. This can be done in two different ways:
    • Either through the GUI: System Settings > Advanced > Syslog Server

      Configure the following settings and then select OK to create the syslog server.

      Name: Enter a name for the syslog server.
      IP address (or FQDN): Enter the IP address or FQDN of the EventLog Analyzer.
      Syslog Server Port: Enter the EventLog Analyzer's port number. The default port is 514.
    • Or with CLI commands:

      config system syslog
        edit "syslog server name"
          set ip "EventLog Analyzer IP Address"
          set port 514
        next
      end

  3. Use the following CLI commands to send Fortinet logs to the EventLog Analyzer server:

    config system locallog syslogd setting
      set severity debug
      set facility local7
      set status enable
      set syslog-name <syslog server name set in above step>
    end

  4. Severity and Facility can be changed as per the requirements.

Once you have completed the configuration steps, the logs from your Fortinet device will be automatically forwarded to the EventLog Analyzer server.
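
To confirm on the collector side that messages arrive with the facility and severity configured above, the following added example (not part of the original page or of EventLog Analyzer) decodes the syslog PRI header of received datagrams. It assumes syslog over UDP and treats the severity setting as a least-severity threshold; the function names and the sample datagrams are constructed for illustration.

```python
import re
import socket

# RFC 5424 numeric codes: PRI = facility * 8 + severity
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = {16 + i: f"local{i}" for i in range(8)}  # local0..local7 are 16..23
PRI_RE = re.compile(rb"^<(\d{1,3})>")


def decode_pri(datagram: bytes):
    """Return (facility, severity) names from the leading <PRI> of a syslog datagram."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or out-of-range syslog PRI header")
    facility, severity = divmod(int(m.group(1)), 8)
    return FACILITIES.get(facility, f"facility{facility}"), SEVERITIES[severity]


def check(datagram: bytes, facility="local7", threshold="debug"):
    """List mismatches between a received datagram and the device-side settings."""
    try:
        got_fac, got_sev = decode_pri(datagram)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if got_fac != facility:
        problems.append(f"facility is {got_fac}, expected {facility}")
    # A threshold forwards that level and everything more severe (lower number).
    if SEVERITIES.index(got_sev) > SEVERITIES.index(threshold):
        problems.append(f"severity {got_sev} is below threshold {threshold}")
    return problems


def listen(host="0.0.0.0", port=514, count=5):
    """Receive `count` UDP datagrams and print the check result for each sender."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((host, port))  # ports below 1024 need elevated privileges
        for _ in range(count):
            data, (src, _port) = sock.recvfrom(8192)
            print(src, check(data) or "ok")


# Constructed sample datagrams (not captured from a real device).
SAMPLE_OK = b"<191>date=2020-01-01 time=00:00:00 devname=lab-device msg=constructed"
SAMPLE_WRONG_FACILITY = b"<14>constructed message sent as user.info"

if __name__ == "__main__":
    print(check(SAMPLE_OK), check(SAMPLE_WRONG_FACILITY))
```

If Severity or Facility is changed in step 4, pass the new values as `facility` and `threshold` so the check matches the device configuration.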

For more details, refer to the source: Link.

Copyright © 2020, ZOHO Corp. All Rights Reserved.
