# config switch-controller custom-commandNew entry 'syslog' added.
(custom-command)edit syslog <----- Where ‘syslog’ is custom command profile name.
(syslog)set command "config log syslogd2 setting %0a set status enable %0a set server "x.x.x.x" %0a end %0a" <----- where x.x.x.x the IP address the syslog server IP address.
(syslog)end
# config switch-controller custom-commandNew entry 'syslog_filter' added .
(custom-command)edit syslog_filter
(syslog_filter)set command "config log syslogd2 filter %0a set severity debug %0a end %0a"2) Push the commands to all the switches: (the serial number is your switch(s) serial number).
(syslog_filter)end
# execute switch-controller custom-command syslog <serial# of FSW>3) Create a policy from FortiGate CLI with incoming interface as the FortiLink interface and outgoing interface where syslog server is connected:
# execute switch-controller custom-command syslog_filter <serial# of FSW>
# config switch-controller managed-switch
edit "S124EN591801029"
# config custom-command
edit "1"
set command-name " syslog"
next
edit "2"
set command-name " syslog_filter"
next
# config firewall policy
edit 1
set srcintf <fortilink interface name>
set dstintf <interface name where syslog server is located>
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "SYSLOG" "ALL_ICMP" "PING"
set nat enable
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.