config system syslog fortianalyzer settings

Syntax

Use this command to configure a FortiAnalyzer remote server that will receive syslogs. FortiNDR sends logs of the specified types to this remote server; severity filtering applies only to the ndr type.

config system syslog fortianalyzer settings
    set ipaddr <ipv4mask>
    set port <int>
    set status {enable, disable}
    set type {event, malware, ndr}
    set ndr-severity {low, medium, high, critical}
end

| Variable | Description | Default |
| --- | --- | --- |
| Name <string> | Profile name | |
| ipaddr <ipv4mask> | The IP address of the remote server. Only IPv4 is supported. | 0.0.0.0 |
| port <int> | The port number of the remote server for syslog services. | 514 |
| status {enable, disable} | Enable or disable sending logs to this remote server. | disable |
| type {event, malware, ndr} | FortiNDR supports three types of logs: event, malware and ndr. Multiple choices are supported. | event, malware, ndr |
| ndr-severity {low, medium, high, critical} | Filtering by severity is supported when sending ndr type logs. Multiple choices are supported: low, medium, high and critical. | low, medium, high, critical |
