web analytics

FORTINET FORTIGATE

Log Forwarding > Network Infrastructure > Fortinet FortiGate

Instructions for forwarding Fortinet FortiGate logs to your Log Management device

PREREQUISITES

FortiGate Next Generation (NGFW) Firewall UTM Appliance

  • The IP Address for the FortiGate appliance
  • Credentials to access the FortiGate appliance
  • Secure Shell (SSH) access configured on the FortiGate appliance

Clone Systems Log Management Device

  • The IP Address for the Clone Systems Log Management device

INSTRUCTIONS

1

Open a command prompt and SSH into the Fortinet FortiGate using a tool like PuTTY.

2

Configure the FortiGate unit to send logs to a remote computer running a syslog server.

FortiGate # config log syslogd setting

3

Set the IP address of the Clone Systems Log Management device.

FortiGate (setting) # set server { IP Address of Clone Systems Log collector }

EXAMPLE: Fortigate (setting) # set server 10.1.1.1

4

Set the source IP address for the Fortinet FortiGate.

FortiGate (setting) # set source-ip {internal IP of Fortigate}

Note: This is the source IP that will be displayed in the logs.

5

Enable logging to the Clone Systems Log Management device.

FortiGate (setting) # set status enable

6

Save the changes you have made in the current table’s fields, and exit the edit command to the object prompt.

FortiGate (setting) # next

7

Save the changes to the current object and exit the config command. This returns you to the top-level command prompt.

FortiGate (setting) # end