How can we help?

How to configure syslog on Fortinet FortiGate firewalls

Follow

These instructions assume:

  • The date, time and time zone are correctly set on the firewall.
  • You have credentials and access to your Fortinet FortiGate firewall.
  • The IP address of your Auvik collector is known. You can find this in the Syslog > Summary tab in the Export Information column.

Configure syslog

From the Graphical User Interface:

  1. Log into your FortiGate.
  2. Click Log & Report to expand the menu.
  3. Click Log Settings.
  4. Toggle Send Logs to Syslog to Enabled.
  5. Enter the Auvik Collector IP address.
  6. Click Apply.

Adding additional syslog servers

The Fortigate supports up to 4 Syslog servers.

If a Syslog server is in use, the Fortigate GUI will not allow you to include another one. However, you can do it using the CLI. 

Choose the next syslogd available, if you are including a second Syslog server: syslogd2

config log {syslogd | syslogd2 | syslogd3 | syslogd4} setting

set status enable
set port 514
set server {Auvik_Collector_IP_address}
set source-ip {LAN/Mngmt_Firewall_IP_Address}

end
Was this article helpful?
6 out of 11 found this helpful
Have more questions? Submit a request