FORTINET FORTIANALYZER

Instructions for forwarding Fortinet FortiAnalyzer logs to your Log Management device

PREREQUISITES

FortiAnalyzer Network Security Logging, Analysis, and Reporting Appliance
  • The IP Address for the FortiAnalyzer appliance
  • Credentials to access the FortiAnalyzer appliance
  • Secure Shell (SSH) access configured on the FortiAnalyzer appliance

Clone Systems Log Management Device
  • The IP Address for the Clone Systems Log Management device

INSTRUCTIONS

1. Open a command prompt and SSH into the Fortinet FortiAnalyzer using a tool like PuTTY.

2. Configure the FortiAnalyzer unit to send logs to a remote computer running a syslog server.

  • FortiAnalyzer # config system syslog

3. Set the name of the Clone Systems Log Management device.

  • FortiAnalyzer (syslog) # edit "syslog"

4. Set the IP address of the Clone Systems Log Management device.

  • FortiAnalyzer (syslog) # set ip "{ IP Address of Clone Systems Log collector }"
  • EXAMPLE:
  • FortiAnalyzer (syslog) # set ip "10.1.1.1"

5. Enter the port number for the syslog messages.

  • FortiAnalyzer (syslog) # set port 514

6. Save the changes you have made in the current table’s fields, and exit the edit command to the object prompt.

  • FortiAnalyzer (syslog) # next

7. Save the changes to the current object and exit the config command. This returns you to the top-level command prompt.

  • FortiAnalyzer (syslog) # end
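
To confirm that the forwarding configured in steps 1 to 7 works, the collector side can check that a well-formed syslog datagram arrives from the FortiAnalyzer's address. The Python script below is an added example, not part of the original instructions or of any Clone Systems tooling. It assumes syslog over UDP (the page specifies only port 514); the address 10.1.1.2 and the sample message are constructed.

```python
import socket
import time

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample datagram (not captured FortiAnalyzer output).
SAMPLE = b"<189>Jan  1 00:00:00 faz-example constructed test message"


def parse_pri(datagram):
    """Return (facility, severity, rest) or None if the <PRI> header is invalid."""
    end = datagram.find(b">")
    if not datagram.startswith(b"<") or not 2 <= end <= 4 or not datagram[1:end].isdigit():
        return None
    pri = int(datagram[1:end])
    if pri > 191:  # highest valid PRI: facility 23, severity 7
        return None
    rest = datagram[end + 1:].decode("utf-8", errors="replace")
    return pri >> 3, SEVERITIES[pri & 7], rest


def classify(datagram, sender_ip, expected_ip):
    """Label a datagram so traffic from other hosts is not mistaken for success."""
    if sender_ip != expected_ip:
        return "unexpected-sender"
    return "ok" if parse_pri(datagram) else "malformed"


def wait_for_log(expected_ip, bind_ip="0.0.0.0", port=514, timeout=60):
    """Listen on the collector until one valid datagram arrives from expected_ip."""
    deadline = time.monotonic() + timeout
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((bind_ip, port))  # ports below 1024 need root privileges
        while (remaining := deadline - time.monotonic()) > 0:
            sock.settimeout(remaining)
            try:
                data, (sender_ip, _) = sock.recvfrom(8192)
            except socket.timeout:
                break
            verdict = classify(data, sender_ip, expected_ip)
            print(f"{sender_ip}: {verdict}")
            if verdict == "ok":
                return parse_pri(data)
    return None


if __name__ == "__main__":
    # 10.1.1.2 is a hypothetical FortiAnalyzer address; substitute your own.
    result = wait_for_log("10.1.1.2")
    print("forwarding verified:" if result else "no log received:", result)
```

Run it on a host that owns the collector IP while the real syslog service is stopped, since only one process can bind the port at a time.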