Fortinet black logo

CLI reference

Home FortiNDR 7.0.3 CLI reference
7.0.3
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

config system syslog1 settings

config system syslog1 settings

Use this command to configure a general remote server which can receive syslogs. FortiNDR system will send logs with specified type and severity (only for ndr type) to this remote server.

Syntax

config system syslog1 settings
    set ipaddr <ipv4mask> 
    set port 	<int> 
    set status {enable, disable}
    set type 	{event, malware, ndr}
    set ndr-severity {low, medium, high, critical}
end

Variable

Description

Default

Name <string>

Profile name

ipaddr <ipv4mask>

The IP address of the remote server. Only IPv4 is supported.

0.0.0.0

port <int>

The port number of the remote server for syslog services.

514

status {enable, disable}

Enable or disable sending logs to this remote server.

disable

type {event, malware, ndr}

FortiNDR supports three types of logs: event, malware and ndr.

Multiple choices are supported.

event, malware, ndr

ndr-severity {low, medium, high, critical}

Filtering by severity is supported when sending ndr logs. The supported multiple choices are low, medium, high and critical.

low, medium, high, critical
Previous
Next

config system syslog1 settings

Use this command to configure a general remote server which can receive syslogs. FortiNDR system will send logs with specified type and severity (only for ndr type) to this remote server.

Syntax

config system syslog1 settings
    set ipaddr <ipv4mask> 
    set port 	<int> 
    set status {enable, disable}
    set type 	{event, malware, ndr}
    set ndr-severity {low, medium, high, critical}
end

Variable

Description

Default

Name <string>

Profile name

ipaddr <ipv4mask>

The IP address of the remote server. Only IPv4 is supported.

0.0.0.0

port <int>

The port number of the remote server for syslog services.

514

status {enable, disable}

Enable or disable sending logs to this remote server.

disable

type {event, malware, ndr}

FortiNDR supports three types of logs: event, malware and ndr.

Multiple choices are supported.

event, malware, ndr

ndr-severity {low, medium, high, critical}

Filtering by severity is supported when sending ndr logs. The supported multiple choices are low, medium, high and critical.

low, medium, high, critical
Previous
Next