Log Forwarding > Network Infrastructure > Fortinet FortiGate
FORTINET FORTIGATE
Instructions for forwarding Fortinet FortiGate logs to your Log Management device
PREREQUISITES
FortiGate Next Generation (NGFW) Firewall UTM Appliance
- The IP Address for the FortiGate appliance
- Credentials to access the FortiGate appliance
- Secure Shell (SSH) access configured on the FortiGate appliance
Clone Systems Log Management Device
- The IP Address for the Clone Systems Log Management device
INSTRUCTIONS
1
Open a command prompt and SSH into the Fortinet FortiGate using a tool like PuTTY.
2
Configure the FortiGate unit to send logs to a remote computer running a syslog server.
FortiGate # config log syslogd setting
3
Set the IP address of the Clone Systems Log Management device.
FortiGate (setting) # set server { IP Address of Clone Systems Log collector }
EXAMPLE: Fortigate (setting) # set server 10.1.1.1
4
Set the source IP address for the Fortinet FortiGate.
FortiGate (setting) # set source-ip {internal IP of Fortigate}
Note: This is the source IP that will be displayed in the logs.
5
Enable logging to the Clone Systems Log Management device.
FortiGate (setting) # set status enable
6
Save the changes you have made in the current table’s fields, and exit the edit command to the object prompt.
FortiGate (setting) # next
7
Save the changes to the current object and exit the config command. This returns you to the top-level command prompt.
FortiGate (setting) # end