Configuring a Syslog profile
When FortiAPs are managed by FortiGate, you can configure your FortiAPs to send logs (Event, UTM, and etc) to the syslog server. Syslog server information can be configured in a Syslog profile that is then assigned to a FortiAP profile.
To configure a Syslog profile - GUI
- Go to WiFi & Switch Controller > FortiAP Profiles and select the profile you want to assign a syslog profile to.
-
Locate System Log and enable Syslog profile.
-
Click the Syslog profile field and click Create to create a new syslog profile.
The New Wireless Syslog Profile window loads.
- Enter a Name for the Syslog profile.
-
Select the Server type you want to use.
- If you select IP, enter the IP address of the syslog server.
- If you select FQDN, enter the FQDN address of the syslog server.
-
Select a Log level to determine the lowest level of log messages that the FortiAP sends to the server:
- Ensure that the Status is enabled.
- Click OK to save the Syslog profile.
- From the FortiAP profile, select the Syslog profile you created.
- Click OK to save the FortiAP profile.
To configure a Syslog profile - CLI:
-
Configure a syslog profile on FortiGate:
config wireless-controller syslog-profile edit "syslog-demo-1" set comment '' set server-status enable set server-addr-type ip set server-ip 192.16.9.12 set server-port 514 set log-level debugging next end -
Assign the syslog profile to a FortiAP profile:
config wireless-controller wtp-profile edit "FAP231F-default" config platform set type 231F set ddscan enable end set syslog-profile "syslog-demo-1" ... next end -
Assign the FortiAP profile to a managed FortiAP unit:
config wireless-controller wtp edit "FP231FTF20026472" set uuid 183ae8c6-09de-81ec-d12e-02a3c8eb88d6 set admin enable set wtp-profile "FAP231F-default" config radio-1 end config radio-2 end next end -
From the FortiGate console, verify that the syslog profile has been successfully adopted:
FortiGate-80E-POE # diagnose wireless-controller wlac -c wtpprof FAP231F-default WTPPROF (001/005) vdom,name: root, FAP231F-default platform : FAP231F. refcnt : 5 own(1) wlan(2) wtp(1) deleted : no apcfg-profile : ddscan : enabled ble-profile : syslog-profile : syslog-demo-1(enabled server=192.16.9.12:514 log-level=7) led-state : enabled lldp : enabled poe-mode : auto ... FortiGate-80E-POE # diagnose wireless-controller wlac -c syslogprof SYSLOG (001/001) vdom,name : root, syslog-demo-1 refcnt : 2 own(1) wtpprof(1) deleted : no server status : enabled server address : 192.16.9.12 server port : 514 server log level : 7 wtpprof cnt : 1 wtpprof 001 : FAP231F-default -
From the FortiAP console, verify that the configurations have been successful pushed to the FortiAP unit:
FortiAP-231F # cw_diag -c syslog config Syslog configuration: en=1 addr=192.16.9.12 port=514 log_level=7
To configure a Syslog profile using a FQDN server address - CLI:
-
Configure a syslog profile on FortiGate:
config wireless-controller syslog-profile edit "syslog-demo-2" set comment '' set server-status enable set server-addr-type fqdn set server-fqdn "syslog.test.env" set server-port 5140 set log-level critical next end -
Assign the FortiAP profile to a managed FortiAP unit:
config wireless-controller wtp-profile edit "FAP231F-default" config platform set type 231F set ddscan enable end set syslog-profile "syslog-demo-2" ... next end -
Assign the FortiAP profile to a managed FortiAP unit:
config wireless-controller wtp edit "FP231FTF20026472" set uuid 183ae8c6-09de-81ec-d12e-02a3c8eb88d6 set admin enable set wtp-profile "FAP231F-default" config radio-1 end config radio-2 end next end -
From the FortiAP console, verify that the configurations have been successful pushed to the FortiAP unit:
FortiAP-231F # cw_diag -c syslog config Syslog configuration: en=1 addr=syslog.test.env(192.16.9.12) port=5140 log_level=2