Go Up
You are here: DeploymentConfigure IT InfrastructureNetwork DevicesConfigure Fortinet FortiGate Devices

Configure Fortinet FortiGate Devices

To configure your Fortinet FortiGate devices, enable logging to multiple Syslog servers and configure FortiOS to send log messages to remote syslog servers in CEF format. Do one of the following:

To configure Fortinet FortiGate devices via Command Line Interface

  1. Log in to the Command Line Interface (CLI).
  2. Enter the following commands:

    config log syslogd setting

    set format cef

    NOTE: To enable CEF format in some previous FortiOS versions, enter the set csv disable command.

    set csv disable

    set facility <facility_name>

    set port 514

    set reliable disable

    set server <ip_address_of_Receiver>

    set status enable

    end

To configure Fortinet FortiGate devices through the Fortigate Management Console

  1. Open Fortigate Management Console and navigate to Log&Report ® Log Config ® Log Setting.
  2. Select the Syslog checkbox.
  3. Expand the Options section and complete the following fields:

    Option Description

    Name/IP

    Enter the hostname or IP address of the Receiver.

    Port

    Set to "514".

    Level

    Select desired logging level.

    Facility

    Netwrix recommends using default values.

    Data format

    Select CEF.

    NOTE: To enable CEF format in some previous FortiOS versions, unselect the Enable CSV checkbox.

  4. Click Apply.

Go Up