FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
caunon
Staff
Article Id 189914

Description

 

This article describes how to configure FortiAnalyzer to keep syslog sent by third-party devices, that is, devices from another brand.

 

Scope

 

FortiAnalyzer.

Solution

 

Configure the syslog settings on the other units so that they send syslog to FortiAnalyzer.

 

  1. Check that ADOMs are enabled (the adom-status setting):

config system global

    get ?


If it is disabled, enable it with this command:

 

set adom-status enable
end

 

 

  2. The device will now be an Unauthorized Device in the root ADOM.

 

 

syslog_unauth.png

 

  3. Authorize the device and move it to the 'Syslog' ADOM or any other Fabric ADOM.

syslog_auth.png

 

  4. Once authorized, syslogs will start being received on FortiAnalyzer.
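
To check the procedure above before the real third-party unit is in place, a test message can be sent from a host standing in for it. This is an added example, not part of the original article: it assumes FortiAnalyzer accepts syslog on UDP port 514, and the address 192.0.2.10, the hostname thirdparty-test and the tag faztest are placeholders.

```python
import socket
from datetime import datetime

# Assumptions (not from the article): FortiAnalyzer accepts syslog on UDP 514,
# and 192.0.2.10 is a documentation placeholder for its address.
FAZ_ADDR = ("192.0.2.10", 514)
MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]


def build_rfc3164(facility, severity, hostname, tag, text, when=None):
    """Return one RFC 3164 (BSD syslog) datagram as bytes."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    if not hostname or any(c.isspace() for c in hostname):
        raise ValueError("hostname must be a single token without spaces")
    when = when or datetime.now()
    pri = facility * 8 + severity  # PRI value as defined by RFC 3164
    # Month names are fixed English abbreviations (locale independent);
    # the day of month is space-padded to two columns.
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    data = f"<{pri}>{stamp} {hostname} {tag}: {text}".encode("ascii", "replace")
    if len(data) > 1024:
        raise ValueError("RFC 3164 limits a packet to 1024 bytes")
    return data


def send_test(dest=FAZ_ADDR, hostname="thirdparty-test"):
    """Send one local0.info test message; returns the number of bytes sent."""
    msg = build_rfc3164(16, 6, hostname, "faztest", "syslog path check")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(msg, dest)


if __name__ == "__main__":
    print(send_test(), "bytes sent to", FAZ_ADDR)
```

After the message is sent, the sending host should show up as an Unauthorized Device in the root ADOM, as described in the steps above. UDP gives no delivery confirmation, so a successful send only proves the packet left the host.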