Fortinet black logo

Online Help

Home FortiCASB 24.1.b Online Help
24.1.b
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

Log Configuration Using FortiGate GUI

Log Configuration Using FortiGate GUI

  1. In FortiGate, go to Log & Report > Log Settings.
  2. Enable Send Logs to FortiAnalyzer/FortiManager.

  3. In Server, enter the FortiCASB receiver's IP address.

    4. The FortiCASB receiver IP address can be found by pressing the Device button from the FortiCASB Shadow IT dashboard. It will be one of the following addresses:

    Global and US Users 52.89.162.108 or 52.24.189.163
    EU Users 54.155.112.218 or 34.240.128.139
  4. Test the connectivity by clicking Test Connectivity.

You can also configure and check the connection by using the following CLI.

Please only choose one method(CLI or GUI) to configure FortiCASB connection. If you have already done it through GUI, do not configure it again through CLI.

Log configuration using FortiGate CLI

Obtain the Application Control ID from FortiGate:

Go to FortiGate > Security Events > Application Control > Other

Then continue with the log configuration using FortiGate CLI mode.

  1. Login to the FortiGate's CLI mode.
  2. Configure log settings for the FortiCASB device on the FortiGate.

    3. #config log fortianalyzer setting

    #set status enable

    #set server <FortiCASB server IP>

    #set enc-algorithm high-medium

    #set upload-option realtime

    #set reliable enable

    #end

  3. (Optional) Configure the log filter to only forward application-ctrl logs using the application control ID obtained earlier:

    4. #config log fortianalyzer filter

    #config free-style

    #edit 1

    #set filter-type include

    #set filter "logid <Application Control ID>"

    #end

  4. Test the connection using the following CLI command:

#execute log fortianalyzer test-connectivity

If the connection is successful, the FortiGate will return the following:

Registration: registered

Connection: allow

Otherwise, the FortiGate will return an error code

Previous
Next

Log Configuration Using FortiGate GUI

  1. In FortiGate, go to Log & Report > Log Settings.
  2. Enable Send Logs to FortiAnalyzer/FortiManager.

  3. In Server, enter the FortiCASB receiver's IP address.

    4. The FortiCASB receiver IP address can be found by pressing the Device button from the FortiCASB Shadow IT dashboard. It will be one of the following addresses:

    Global and US Users 52.89.162.108 or 52.24.189.163
    EU Users 54.155.112.218 or 34.240.128.139
  4. Test the connectivity by clicking Test Connectivity.

You can also configure and check the connection by using the following CLI.

Please only choose one method(CLI or GUI) to configure FortiCASB connection. If you have already done it through GUI, do not configure it again through CLI.

Log configuration using FortiGate CLI

Obtain the Application Control ID from FortiGate:

Go to FortiGate > Security Events > Application Control > Other

Then continue with the log configuration using FortiGate CLI mode.

  1. Login to the FortiGate's CLI mode.
  2. Configure log settings for the FortiCASB device on the FortiGate.

    3. #config log fortianalyzer setting

    #set status enable

    #set server <FortiCASB server IP>

    #set enc-algorithm high-medium

    #set upload-option realtime

    #set reliable enable

    #end

  3. (Optional) Configure the log filter to only forward application-ctrl logs using the application control ID obtained earlier:

    4. #config log fortianalyzer filter

    #config free-style

    #edit 1

    #set filter-type include

    #set filter "logid <Application Control ID>"

    #end

  4. Test the connection using the following CLI command:

#execute log fortianalyzer test-connectivity

If the connection is successful, the FortiGate will return the following:

Registration: registered

Connection: allow

Otherwise, the FortiGate will return an error code

Previous
Next