Administration Guide

Configure FortiAnalyzer-BigData as log server on hyperscale FortiGate

After external IP addresses for Security Manager hosts are set, you can configure a FortiGate with Hyperscale firewall features to send NetFlow v10 (IPFIX) or Syslog log messages over UDP to FortiAnalyzer-BigData. For more information, see Hyperscale Firewall Hardware logging in the Fortinet Doc Library.

To configure FortiAnalyzer-BigData as a NetFlow log server on a hyperscale FortiGate:
  1. Go to Log & Report > Hyperscale SPU Offload Log Settings.
  2. Select NetFlow version V10.
  3. In Log Servers, click Create New to add each external IP address of the FortiAnalyzer-BigData Security Manager hosts.
  4. In Source port and Destination port, enter 2055.
  5. In Log Servers Groups, click Create New to create a log group.
  6. For Logging mode, select Per-Session ending.
  7. For Log format, select NetFlow.
  8. For Log servers, add all the log servers created in the previous step.
  9. Click OK.

    The FortiGate is configured to send NetFlow log messages to FortiAnalyzer-BigData.
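
A collector-side check for the NetFlow procedure above, as an added example that is not Fortinet's code: it validates that a UDP payload received on port 2055 is a well-formed IPFIX (NetFlow v10) message and lists the sets it carries. The function names and the sample datagram are constructed for illustration.

```python
import struct

IPFIX_VERSION = 10                 # NetFlow v10 is IPFIX (RFC 7011)
HEADER = struct.Struct("!HHIII")   # version, length, export time, sequence, domain ID
SET_HEADER = struct.Struct("!HH")  # set ID, set length (includes this 4-byte header)


def set_kind(set_id):
    """Map an IPFIX set ID to its meaning per RFC 7011."""
    if set_id in (2, 3):
        return "template" if set_id == 2 else "options-template"
    return "data" if set_id >= 256 else "reserved"


def inspect_ipfix(payload):
    """Validate one UDP payload as an IPFIX message and list its sets."""
    if len(payload) < HEADER.size:
        raise ValueError("shorter than the 16-byte IPFIX header")
    version, length, export_time, sequence, domain = HEADER.unpack_from(payload)
    if version != IPFIX_VERSION:
        raise ValueError(f"version {version}, expected 10")
    if length != len(payload):
        raise ValueError(f"header length {length} != datagram size {len(payload)}")
    sets, offset = [], HEADER.size
    while offset < length:
        if length - offset < SET_HEADER.size:
            raise ValueError("truncated set header")
        set_id, set_len = SET_HEADER.unpack_from(payload, offset)
        if set_len < SET_HEADER.size or offset + set_len > length:
            raise ValueError(f"set {set_id} has invalid length {set_len}")
        sets.append((set_id, set_kind(set_id), set_len))
        offset += set_len
    return {"export_time": export_time, "sequence": sequence,
            "observation_domain": domain, "sets": sets}


# Constructed sample datagram (not captured traffic): a template set (ID 2)
# defining template 256 with sourceIPv4Address (IE 8) and
# destinationIPv4Address (IE 12), then a data set (ID 256) with one record.
_template = struct.pack("!8H", 2, 16, 256, 2, 8, 4, 12, 4)
_data = struct.pack("!HH4s4s", 256, 12, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
SAMPLE = HEADER.pack(10, 44, 1700000000, 1, 0) + _template + _data

if __name__ == "__main__":
    print(inspect_ipfix(SAMPLE))
```

A datagram rejected with a version other than 10 indicates that the exporter is not sending NetFlow v10, which points back at the NetFlow version setting in step 2.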

To configure FortiAnalyzer-BigData as a Syslog log server on a hyperscale FortiGate:
  1. Go to Log & Report > Hyperscale SPU Offload Log Settings.
  2. In Log Servers, click Create New to add each external IP address of the FortiAnalyzer-BigData Security Manager hosts.
  3. In Source port and Destination port, enter 514.
  4. In Log Servers Groups, click Create New to create a log group.
  5. Set Logging mode to Per-Session ending.
  6. Set Log format to Syslog.
  7. For Log servers, add all the log servers created in the previous step.
  8. Click OK. The FortiGate is configured to send Syslog log messages to FortiAnalyzer-BigData.
