Fortinet black logo

Administration Guide

Adding a Security Fabric group

Adding a Security Fabric group

Before you can add a Security Fabric group to FortiAnalyzer, you need to create the Security Fabric group in FortiGate. For more information, see the FortiOS Handbook.

Fortinet recommends using a dedicated Super_User administrator account on the FortiGate for FortiAnalyzer access. This ensures that associated log messages are identified as originating from FortiAnalyzer activity. This dedicated Super_User administrator account only needs Read Only access to System Configuration; all other access can be set to None.

To add a Security Fabric group:
  1. Go to Device Manager > Unregistered Devices.
  2. Select all the devices corresponding to the Security Fabric group created in FortiGate.
  3. Authenticate the Security Fabric group by clicking the Warning icon (yellow triangle) beside the corresponding FortiGate root.

  4. Enter the Authentication Credentials. The authentication credentials are the ones you specified in FortiGate. Once the FortiGate root has been authenticated, the Warning icon will disappear.
  5. After authentication, it takes a few minutes for FortiAnalyzer to automatically populate the devices under the FortiGate root which creates the Security Fabric group.

Adding a Security Fabric group

Before you can add a Security Fabric group to FortiAnalyzer, you need to create the Security Fabric group in FortiGate. For more information, see the FortiOS Handbook.

Fortinet recommends using a dedicated Super_User administrator account on the FortiGate for FortiAnalyzer access. This ensures that associated log messages are identified as originating from FortiAnalyzer activity. This dedicated Super_User administrator account only needs Read Only access to System Configuration; all other access can be set to None.

To add a Security Fabric group:
  1. Go to Device Manager > Unregistered Devices.
  2. Select all the devices corresponding to the Security Fabric group created in FortiGate.
  3. Authenticate the Security Fabric group by clicking the Warning icon (yellow triangle) beside the corresponding FortiGate root.

  4. Enter the Authentication Credentials. The authentication credentials are the ones you specified in FortiGate. Once the FortiGate root has been authenticated, the Warning icon will disappear.
  5. After authentication, it takes a few minutes for FortiAnalyzer to automatically populate the devices under the FortiGate root which creates the Security Fabric group.