Jul 26 2021 03:56 PM
Hi Team.
We are using Azure Sentinel to receive logs from a Fortinet firewall via syslog, and it is forwarding all types of logs. How can I configure the syslog so that it forwards only important logs?
Jul 28 2021 10:12 AM
Solution
Aug 27 2021 11:19 AM
Aug 28 2021 07:06 AM
Aug 28 2021 08:31 PM
@BrunoFeltrin Fortinet firewall logging levels are mentioned here - https://docs.fortinet.com/document/fortimanager/7.0.0/log-message-reference/547625/priority-levels
Best is to request your firewall administrator to log into CLI mode and forward those logs to your syslog server via the pre-configured port number of the syslog server. Normally the port number is 514. Please refer to the attached picture as well.
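The kind of CLI change the reply above describes, as an added example that is not part of the original reply: it points the FortiGate at a syslog collector on port 514 and limits forwarding to one of the priority levels from the linked reference. The collector address 192.0.2.10 and the choice of `warning` as the threshold are assumptions; use your own collector address and the level that suits your environment.

```fortios
# Added example. 192.0.2.10 is a placeholder for the syslog collector address (assumption).
config log syslogd setting
    set status enable
    set server "192.0.2.10"
    set port 514
end

# Forward only events at "warning" severity or more severe
# (emergency, alert, critical, error, warning); lower levels are not sent.
# The "warning" threshold is an assumption chosen for illustration.
config log syslogd filter
    set severity warning
end

# Confirm the resulting settings.
show log syslogd setting
show log syslogd filter
```

Raising the threshold reduces ingestion volume in Sentinel, but events below it (for example routine traffic logs at notification or information level) will no longer be available for hunting or incident investigation.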
Oct 17 2023 04:24 AM
Oct 17 2023 04:40 AM