Log Servers
FortiDeceptor logs can be sent to a remote syslog server or common event type (CEF) server. Go to Log & Reports > Log Servers to create new remote log servers as well as edit and delete remote log servers. You can configure up to 30 remote log server entries.
The following options are available:
|
Create New |
Select to create a new log server entry. |
|
Edit |
Select a log server entry in the list and select Edit in the toolbar to edit the entry. |
|
Delete |
Select a log server entry in the list and select Delete in the toolbar to delete the entry. |
This page displays the following information:
|
Name |
The name of the server entry. |
|
Server Type |
The server type. One of the following options: CEF or syslog. |
|
Server Address |
The log server address. |
|
Port |
The log server port number. |
|
Status |
The status of the log server, Enabled or Disabled. |
To create a new server entry:
- Go to Log & Reports > Log Servers.
- Select + Create New from the toolbar.
- Configure the following settings:
Name
Enter a name for the new server entry.
Type
Select Log Server Type from the drop-down list.
Log Server Address
Port
Enter the port number. The default port is 514.
Status
Select to enable or disable sending logs to the server.
Log Level
Select to enable the logging levels to be forwarded to the log server. The following options are available:
- Alert Logs.
- Critical Logs
- Error Logs
- Warning Logs
- Information Logs
- Debug Logs
- Select OK to save the entry.
To edit or delete a log server
- Go to Log and Report > Log Servers.
- Select a syslog server or new common event entry.
- Click the Edit or Delete button from the toolbar.