Configuring remote logging
Configuring remote logging
- Go to Log & Report > Log Settings > Remote and click New.
- Click Enable and enter a Profile name.
- Set Address to the IP address of the FortiAnalyzer.
- Set Port to 514, the commonly used port for syslog events that FortiAnalyzer uses to listen for incoming syslog event notifications.
- Select a security Level that a log message must meet or exceed in order to be recorded and stored.
- Select the Facility identifier that the FortiMail unit uses to identify itself.
- Set the Log protocol to Syslog or OFTPS (FortiAnalyzer units support both protocols).
- In this example, disable CSV format, as FortiAnalyzer units do not support CSV-formatted log messages.
- Enable Matched session only if you want to send only the matched session logs to the remote server, otherwise all logs will be sent regardless.
- Under Logging Policy Configuration, enable the types of logs you want to record to the FortiAnalyzer unit.
- Click Create.
Configuring remote logging
- Go to Log & Report > Log Settings > Remote and click New.
- Click Enable and enter a Profile name.
- Set Address to the IP address of the FortiAnalyzer.
- Set Port to 514, the commonly used port for syslog events that FortiAnalyzer uses to listen for incoming syslog event notifications.
- Select a security Level that a log message must meet or exceed in order to be recorded and stored.
- Select the Facility identifier that the FortiMail unit uses to identify itself.
- Set the Log protocol to Syslog or OFTPS (FortiAnalyzer units support both protocols).
- In this example, disable CSV format, as FortiAnalyzer units do not support CSV-formatted log messages.
- Enable Matched session only if you want to send only the matched session logs to the remote server, otherwise all logs will be sent regardless.
- Under Logging Policy Configuration, enable the types of logs you want to record to the FortiAnalyzer unit.
- Click Create.