Fortinet black logo

Log Servers

Copy Link
Copy Doc ID e09daf98-5af9-11e9-81a4-00505692583a:594293
Download PDF

Log Servers

FortiDeceptor logs can be sent to a remote syslog server or common event type (CEF) server. Go to Log & Reports > Log Servers to create new remote log servers as well as edit and delete remote log servers. You can configure up to 30 remote log server entries.

The following options are available:

Create New

Select to create a new log server entry.

Edit

Select a log server entry in the list and select Edit in the toolbar to edit the entry.

Delete

Select a log server entry in the list and select Delete in the toolbar to delete the entry.

This page displays the following information:

Name

The name of the server entry.

Server Type

The server type. One of the following options: CEF or syslog.

Server Address

The log server address.

Port

The log server port number.

Status

The status of the log server, Enabled or Disabled.

To create a new server entry:
  1. Go to Log & Reports > Log Servers.
  2. Select + Create New from the toolbar.
  3. Configure the following settings:

    Name

    Enter a name for the new server entry.

    Type

    Select Log Server Type from the drop-down list.

    Log Server Address

    Enter the log server IP address or FQDN.

    Port

    Enter the port number. The default port is 514.

    Status

    Select to enable or disable sending logs to the server.

    Log Level

    Select to enable the logging levels to be forwarded to the log server. The following options are available:

    • Alert Logs.
    • Critical Logs
    • Error Logs
    • Warning Logs
    • Information Logs
    • Debug Logs
  4. Select OK to save the entry.
To edit or delete a log server
  1. Go to Log and Report > Log Servers.
  2. Select a syslog server or new common event entry.
  3. Click the Edit or Delete button from the toolbar.

Log Servers

FortiDeceptor logs can be sent to a remote syslog server or common event type (CEF) server. Go to Log & Reports > Log Servers to create new remote log servers as well as edit and delete remote log servers. You can configure up to 30 remote log server entries.

The following options are available:

Create New

Select to create a new log server entry.

Edit

Select a log server entry in the list and select Edit in the toolbar to edit the entry.

Delete

Select a log server entry in the list and select Delete in the toolbar to delete the entry.

This page displays the following information:

Name

The name of the server entry.

Server Type

The server type. One of the following options: CEF or syslog.

Server Address

The log server address.

Port

The log server port number.

Status

The status of the log server, Enabled or Disabled.

To create a new server entry:
  1. Go to Log & Reports > Log Servers.
  2. Select + Create New from the toolbar.
  3. Configure the following settings:

    Name

    Enter a name for the new server entry.

    Type

    Select Log Server Type from the drop-down list.

    Log Server Address

    Enter the log server IP address or FQDN.

    Port

    Enter the port number. The default port is 514.

    Status

    Select to enable or disable sending logs to the server.

    Log Level

    Select to enable the logging levels to be forwarded to the log server. The following options are available:

    • Alert Logs.
    • Critical Logs
    • Error Logs
    • Warning Logs
    • Information Logs
    • Debug Logs
  4. Select OK to save the entry.
To edit or delete a log server
  1. Go to Log and Report > Log Servers.
  2. Select a syslog server or new common event entry.
  3. Click the Edit or Delete button from the toolbar.