Fortinet black logo

New Features

Multiple FortiAnalyzer (or Syslog) Per VDOM

Copy Link
Copy Doc ID 761d83e3-4a7b-11e9-94bf-00505692583a:972129
Download PDF

Multiple FortiAnalyzer (or Syslog) Per VDOM

Under VDOM, support has been added for multiple FortiAnalyzer and Syslog servers as follows:

  • Support for up to three override FortiAnalyzer servers.
  • Support for up to four override Syslog servers.

If the VDOM faz-override and/or syslog-override setting is enabled or disabled (default) before upgrading, the setting remains the same after upgrading.

In the GUI, if the override setting is disabled, the GUI displays the global FortiAnalyzer1 or syslog1 setting. If the override setting is enabled, the GUI displays the VDOM override FortiAnalyzer1 or syslog1 setting.

You can only use CLI to enable the override to support multiple log servers.

To enable FortiAnalyzer and Syslog server override under VDOM:

config log setting

set faz-override enable

set syslog-override enable

end

When faz-override and/or syslog-override is enabled, the following CLI commands are available to config VDOM override:

To configure VDOM override for FortiAnalyzer:

config log fortianalyzer/fortianalyzer2/fortianalyzer3 override-setting

set status enable

set server "123.12.123.123"

set reliable enable

end

config log fortianalyzer/fortianalyzer2/fortianalyzer3 override-filter

set severity information

set forward-traffic enable

set local-traffic enable

set multicast-traffic enable

set sniffer-traffic enable

set anomaly enable

set voip enable

set dlp-archive enable

set dns enable

set ssh enable

set ssl enable

end

To configure VDOM override for Syslog server:

config log syslogd/syslogd2/syslogd3/syslogd4 override-setting

set status enable

set server "123.12.123.12"

set facility local1

end

config log syslogd/syslogd2/syslogd3/syslogd4 override-filter

set severity information

set forward-traffic enable

set local-traffic enable

set multicast-traffic enable

set sniffer-traffic enable

set anomaly enable

set voip enable

set dns enable

set ssh enable

set ssl enable

end

Related Videos

sidebar video

Multiple FortiAnalyzers and Syslog Servers per VDOM

  • 950 views
  • 5 years ago

Multiple FortiAnalyzer (or Syslog) Per VDOM

Under VDOM, support has been added for multiple FortiAnalyzer and Syslog servers as follows:

  • Support for up to three override FortiAnalyzer servers.
  • Support for up to four override Syslog servers.

If the VDOM faz-override and/or syslog-override setting is enabled or disabled (default) before upgrading, the setting remains the same after upgrading.

In the GUI, if the override setting is disabled, the GUI displays the global FortiAnalyzer1 or syslog1 setting. If the override setting is enabled, the GUI displays the VDOM override FortiAnalyzer1 or syslog1 setting.

You can only use CLI to enable the override to support multiple log servers.

To enable FortiAnalyzer and Syslog server override under VDOM:

config log setting

set faz-override enable

set syslog-override enable

end

When faz-override and/or syslog-override is enabled, the following CLI commands are available to config VDOM override:

To configure VDOM override for FortiAnalyzer:

config log fortianalyzer/fortianalyzer2/fortianalyzer3 override-setting

set status enable

set server "123.12.123.123"

set reliable enable

end

config log fortianalyzer/fortianalyzer2/fortianalyzer3 override-filter

set severity information

set forward-traffic enable

set local-traffic enable

set multicast-traffic enable

set sniffer-traffic enable

set anomaly enable

set voip enable

set dlp-archive enable

set dns enable

set ssh enable

set ssl enable

end

To configure VDOM override for Syslog server:

config log syslogd/syslogd2/syslogd3/syslogd4 override-setting

set status enable

set server "123.12.123.12"

set facility local1

end

config log syslogd/syslogd2/syslogd3/syslogd4 override-filter

set severity information

set forward-traffic enable

set local-traffic enable

set multicast-traffic enable

set sniffer-traffic enable

set anomaly enable

set voip enable

set dns enable

set ssh enable

set ssl enable

end