FortiAnalyzer includes the option to add a device as a model device in Device Manager and auto-link the device using a pre-shared key when the real device connects to FortiAnalyzer.
- On FortiAnalyzer, go to the Device Manager, and click Add Device.
- Under Link Device By select Pre-shared Key, configure the settings for your device, and click Next.
- Name: Enter a name for the device, for example, ModelDevice_FG40F.
- Pre-shared Key: Enter a pre-shared key, for example: qa1234.
Device Model: Select the device model, for example: FGT40F.
The device is added successfully but is not yet authorized.
- On the FortiGate, go to Log Settings to configure the FortiAnalyzer. At this time, the connection status is unauthorized.
- In the FortiGate CLI, configure the pre-shared key to match the one configured on the FortiAnalyzer, for example qa1234.
config log fortianalyzer setting
set preshared-key <your pre-shared key>
- On FortiAnalyzer, go to the Device Manager and refresh the table. The FortiGate device is recognized and is automatically authorized as a registered device.
- On FortiGate, check Log Settings to confirm the connection status is Connected.
- On FortiAnalyzer, go to the Device Manager and configure multiple model devices using the same FortiGate platform. Each configured device must have a unique pre-shared key. In this example, five devices are configured.
- When a corresponding FortiGate device is configured to send logs to the FortiAnalyzer, and it is configured with a pre-shared key matching one of the five configured in FortiAnalyzer, it is automatically authorized as a registered device on FortiAnalyzer.