Fortinet white logo
Fortinet white logo

Administration Guide

Log Servers

Log Servers

You can send FortiDeceptor logs to a remote syslog server, FortiAnalyzer, or common event type (CEF) server. In Log > Log Servers, you can create new remote log servers, and edit and delete remote log servers. You can configure up to 30 remote log server entries.

The following options are available:

Create New

Create a log server entry.

Edit

Edit the selected log server entry.

Delete

Delete the selected log server entry.

This page displays the following information:

Name

Name of the server entry.

Type

Server type: syslog or CEF.

Log Server Address

Log server address.

Port

Log server port number.

Status

Log server status, Enabled or Disabled.

To create a server entry:
  1. Go to Log > Log Servers.
  2. Click Create New.
  3. Configure the following settings:

    Name

    Name of the new server entry.

    Type

    Select Syslog Protocol, FortiAnalyzer, or Common Event Format.

    Log Server Address

    Log server IP address or FQDN.

    Port

    Port number. The default port is 514.

    Status

    Enable or disable sending logs to the server.

    Log Level

    Select the logging levels to forward to the log server. For logging levels, see Logging Levels.

  4. Click OK.
To edit or delete a log server
  1. Go to Log > Log Servers.
  2. Select an entry and click Edit or Delete.

Log Servers

Log Servers

You can send FortiDeceptor logs to a remote syslog server, FortiAnalyzer, or common event type (CEF) server. In Log > Log Servers, you can create new remote log servers, and edit and delete remote log servers. You can configure up to 30 remote log server entries.

The following options are available:

Create New

Create a log server entry.

Edit

Edit the selected log server entry.

Delete

Delete the selected log server entry.

This page displays the following information:

Name

Name of the server entry.

Type

Server type: syslog or CEF.

Log Server Address

Log server address.

Port

Log server port number.

Status

Log server status, Enabled or Disabled.

To create a server entry:
  1. Go to Log > Log Servers.
  2. Click Create New.
  3. Configure the following settings:

    Name

    Name of the new server entry.

    Type

    Select Syslog Protocol, FortiAnalyzer, or Common Event Format.

    Log Server Address

    Log server IP address or FQDN.

    Port

    Port number. The default port is 514.

    Status

    Enable or disable sending logs to the server.

    Log Level

    Select the logging levels to forward to the log server. For logging levels, see Logging Levels.

  4. Click OK.
To edit or delete a log server
  1. Go to Log > Log Servers.
  2. Select an entry and click Edit or Delete.