Fortigate Router/FW Syslog reporting

rnesman · 2013-04-08T19:52:18.000Z

Anyone ever setup a syslog server for a Fortigate router?

If so what did you use and how do you like reports from it?

If not what syslog server do you like?

We are a non-profit and we need to do this on the cheap, or wait for grant money…NOT.

Fortinet wants a minimum $300.00 plus a year for their reporting options, might be worth it but would like tosee what other options have been tried by the community.

Thanks All

@Fortinet

azron · 2013-04-08T21:24:12.000Z

Splunk!

Splunk

Splunk | The Key to Enterprise Resilience

Splunk is the key to enterprise resilience. Our platform enables organizations around the world to prevent major issues, absorb shocks and accelerate digital transformation.

Can run on a variety of systems. There is a free option for low volume data commits, or a very low cost for a commercial license.

You can configure Splunk to create a UDP/TCP listener and will take syslog output from ANYTHING!

Splunk is malleable so you can build dashboard and reports for your data; infact, the splunkbase (community) has SplunkApps that will provide pre-canned vies of fortidata for reporting purposes.

Splunk is awesome and infinitely flexible!

jff · 2013-04-09T22:47:01.000Z

I believe you can still register a FAMS account with Fortinet without paying the $300 (I did). There are some limitations, like a low storage quota and your data will not roll-over when the quota is filled (you have to manually purge the data). With the $300 you get more storage, data roll-over when quota is filled, etc.

https://www.forticloud.com/com.fortinet.gwt.Main/help.jsp?locale=en_US

aniruddha-cyberoam · 2013-04-11T06:42:45.000Z

Try using Cyberoam i-view syslog server which can be downloaded for free and it can be used to collect syslogs from Fortinet and display reports.

You can try and download it from http://www.cyberoam-iview.org/

martinpeverley · 2013-04-29T18:55:22.000Z

Any update on this Rick?

rnesman · 2013-05-03T14:24:06.000Z

I am Trying FAMS, Forticloud free version. Sorry on the delay to respond Needed to upgrade from OS 4 patch 3 to patch 10 to get that option. Tried going to ver 5.0.1 but lost all UTM settings and ALL filtering, will visit that later back to 4 patch 10 for now while I eval FAMS …Forticloud free version. If I can do monthly reports I am fine with that.

If this gives what I need this will be the best anwer.

rnesman · 2013-07-15T13:30:31.000Z

FAMS is working Great! Just what I wanted.

shobanadevi4587 · 2013-10-18T07:30:21.000Z

Any one Rick444 wrote:

Anyone ever setup a syslog server for a Fortigate router?

If so what did you use and how do you like reports from it?

If not what syslog server do you like?

We are a non-profit and we need to do this on the cheap, or wait for grant money…NOT.

Fortinet wants a minimum $300.00 plus a year for their reporting options, might be worth it but would like tosee what other options have been tried by the community.

Thanks All

know how to generate reports in fortigate using our own dataset?

Thanks,

Shobana

lotfiomary6511 · 2014-02-10T13:31:06.000Z

Hi A niruddha

i was install ivew and i see all logs coming from my fortigate 3040b v5 when i try report i get NO DATA. can you help me please to run this report and get all data

thanks