Log Servers
You can send FortiDeceptor logs to a remote syslog server, FortiAnalyzer, or common event type (CEF) server. In Log > Log Servers, you can create new remote log servers, and edit and delete remote log servers. You can configure up to 30 remote log server entries.
The following options are available:
|
Create New |
Create a log server entry. |
|
Edit |
Edit the selected log server entry. |
|
Delete |
Delete the selected log server entry. |
This page displays the following information:
|
Name |
Name of the server entry. |
|
Type |
Server type: syslog, syslog over TLS, FortiAnalyzer or CEF. |
|
Log Server Address |
Log server address. |
|
Port |
Log server port number. |
|
Status |
Log server status, Enabled or Disabled. |
To create a server entry:
- Go to Log > Log Servers.
- Click Create New.
- Configure the following settings:
Name
Name of the new server entry.
Type
Select Syslog Protocol, FortiAnalyzer, or Common Event Format.
Log Server Address
Log server IP address or FQDN.
Port
Port number. The default port is 514.
Status
Enable or disable sending logs to the server.
Log Level
Select the logging levels to forward to the log server. For logging levels, see Logging Levels.
- Click OK.
To edit or delete a log server
- Go to Log > Log Servers.
- Select an entry and click Edit or Delete.