CLI reference

config system syslog2 settings

Use this command to configure a general remote server that receives syslogs. FortiNDR sends logs of the specified type and severity (severity applies only to ndr log types) to this remote server.

Syntax

config system syslog2 settings
    set ipaddr <ipv4mask>
    set port <int>
    set status {enable, disable}
    set type {event, malware, ndr}
    set ndr-severity {low, medium, high, critical}
end

| Variable | Description | Default |
| --- | --- | --- |
| `Name <string>` | Profile name | |
| `ipaddr <ipv4mask>` | The IP address of the remote server. Only IPv4 is supported. | `0.0.0.0` |
| `port <int>` | The port number of the remote server for syslog services. | `514` |
| `status {enable, disable}` | Enable or disable sending logs to this remote server. | `disable` |
| `type {event, malware, ndr}` | FortiNDR supports three types of logs: event, malware and ndr. Multiple choices are supported. | `event, malware, ndr` |
| `ndr-severity {low, medium, high, critical}` | Filtering by severity is supported when sending ndr logs. Multiple choices are supported: low, medium, high and critical. | `low, medium, high, critical` |
