Configure Network Device - Fortinet Firewall

This article describes the steps to configure Fortinet Firewalls to send syslog data to the RocketCyber Firewall Analyzer

Configure the FortiGate firewall settings for your specific FortiOS operating system.

In FortiOS 5.x and higher, syslog servers should be configured using a command line.

FortiOS allows up to 3 syslog servers on FortiOS 5.x and 4 syslog servers on ForiOS 6.x.

To configure your firewall running FortiOS 5.x or 6.x:

open a command line on the device.
Before configuring one of the available syslog servers, find the first one that is not already in use by the following command:

config log {syslogd | syslogd2 | syslogd3 | syslogd4} setting

show

end

Enter the following commands to configure the chosen syslog server entry {syslogd|syslogd2|syslogd3|syslogd4} in the example below we are using syslogd and our RocketAgent syslog IP address is 192.168.3.15

config global
config log syslogd setting 
set status enable
set csv disable
set server 192.168.3.15
set source-ip 10.2.2.2
end

For the server parameter, enter the IP address of the RocketAgent syslog server.
For the source-ip, enter the IP address of the firewall that will be sending the syslog messages to the RocketAgent syslog server.

Additional details can be found in the Fortigate FortiOS CLI Reference Guides

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.