Fortinet black logo

Administration Guide

Configuring FortiAnalyzer

Configuring FortiAnalyzer

FortiAnalyzer or Cloud Logging is a required component for the Security Fabric. Either FortiAnalyzer, FortiAnalyzer Cloud, or FortiGate Cloud can be used to met this requirement.

FortiAnalyzer allows the Security Fabric to show historical data for the Security Fabric topology and logs for the entire Security Fabric. For more information about using FortiAnalyzer, see the FortiAnalyzer Administration Guide.

Note

FortiAnalyzer 7.0.1 is used for this configuration example.

To authorize a FortiAnalyzer in the Security Fabric:
  1. In FortiAnalyzer, configure the authorization address and port:
    1. Go to System Settings > Admin > Admin Settings.
    2. In the Fabric Authorization section, enter an Authorization Address and Authorization Port. This is used to access the FortiAnalyzer login screen.

    3. Click Apply.
  2. In FortiOS, go to Security Fabric > Fabric Connectors and double-click the FortiAnalyzer Logging card.
  3. Enter the FortiAnalyzer IP.
  4. Click OK. The FortiAnalyzer Status (in the right-side gutter) is Unauthorized.

  5. Click Authorize. You are redirected to a login screen.
  6. Enter the username and password, then click Login.

    The authorization dialog opens.

  7. Select Approve and click OK to authorize the FortiGate.

  8. In FortiOS, refresh the FortiAnalyzer Logging page. The FortiAnalyzer Status is Authorized.

Note

FortiGates with a FortiAnalyzer Cloud license can send all logs to FortiAnalyzer Cloud.

Configuring FortiAnalyzer

FortiAnalyzer or Cloud Logging is a required component for the Security Fabric. Either FortiAnalyzer, FortiAnalyzer Cloud, or FortiGate Cloud can be used to met this requirement.

FortiAnalyzer allows the Security Fabric to show historical data for the Security Fabric topology and logs for the entire Security Fabric. For more information about using FortiAnalyzer, see the FortiAnalyzer Administration Guide.

Note

FortiAnalyzer 7.0.1 is used for this configuration example.

To authorize a FortiAnalyzer in the Security Fabric:
  1. In FortiAnalyzer, configure the authorization address and port:
    1. Go to System Settings > Admin > Admin Settings.
    2. In the Fabric Authorization section, enter an Authorization Address and Authorization Port. This is used to access the FortiAnalyzer login screen.

    3. Click Apply.
  2. In FortiOS, go to Security Fabric > Fabric Connectors and double-click the FortiAnalyzer Logging card.
  3. Enter the FortiAnalyzer IP.
  4. Click OK. The FortiAnalyzer Status (in the right-side gutter) is Unauthorized.

  5. Click Authorize. You are redirected to a login screen.
  6. Enter the username and password, then click Login.

    The authorization dialog opens.

  7. Select Approve and click OK to authorize the FortiGate.

  8. In FortiOS, refresh the FortiAnalyzer Logging page. The FortiAnalyzer Status is Authorized.

Note

FortiGates with a FortiAnalyzer Cloud license can send all logs to FortiAnalyzer Cloud.