These instructions assume:
- The date, time and time zone are correctly set on the firewall.
- You have credentials and access to your Fortinet FortiGate firewall.
- The IP address of your Auvik collector is known. You can find this in the Syslog > Summary tab in the Export Information column.
Configure syslog
From the Graphical User Interface:
- Log into your FortiGate.
- Click Log & Report to expand the menu.
- Click Log Settings.
- Toggle Send Logs to Syslog to Enabled.
- Enter the Auvik Collector IP address.
- Click Apply.
Adding additional syslog servers
The Fortigate supports up to 4 Syslog servers.
If a Syslog server is in use, the Fortigate GUI will not allow you to include another one. However, you can do it using the CLI.
Choose the next syslogd available, if you are including a second Syslog server: syslogd2
config log {syslogd | syslogd2 | syslogd3 | syslogd4} setting
set status enable
set port 514
set server {Auvik_Collector_IP_address}
set source-ip {LAN/Mngmt_Firewall_IP_Address}
end