Fortinet black logo

External Systems Configuration Guide

MobileIron Sentry and Connector

MobileIron Sentry and Connector

What is Discovered and Monitored

Protocol Information Discovered Metrics/LOG collected Used for
Syslog Host name and Device Type from LOG Over 14 types of security logs Security and Compliance

Event Types

Go to Admin > Device Type > Event Types and search for “MobileIron-”.

Rules

None

Reports

None

Configuration

Configure MobileIron to send syslog in the supported format to FortiSIEM. No configuration is required in FortiSIEM.

Sample Events

Apr  3 04:16:51 mobile-apptunnel.xxxxx.com mi: PRODUCT=Sentry_9.4.0_4,2019 Apr  3 04:16:48 WARN   (Device=bc7b8d61-b003-49e6-9ef5-76ee5bebd6d9, DeviceIPPort=10.1.1.1:60995, User=Username2, Command=POST, Server=25678:domain3.local, Service=Traveler) (AlertOrigin=Sentry, AlertId=HTTP503) Got exception during device-to-server processing, Sentry reporting error to client:java.net.SocketTimeoutException: Read timed out

MobileIron Sentry and Connector

What is Discovered and Monitored

Protocol Information Discovered Metrics/LOG collected Used for
Syslog Host name and Device Type from LOG Over 14 types of security logs Security and Compliance

Event Types

Go to Admin > Device Type > Event Types and search for “MobileIron-”.

Rules

None

Reports

None

Configuration

Configure MobileIron to send syslog in the supported format to FortiSIEM. No configuration is required in FortiSIEM.

Sample Events

Apr  3 04:16:51 mobile-apptunnel.xxxxx.com mi: PRODUCT=Sentry_9.4.0_4,2019 Apr  3 04:16:48 WARN   (Device=bc7b8d61-b003-49e6-9ef5-76ee5bebd6d9, DeviceIPPort=10.1.1.1:60995, User=Username2, Command=POST, Server=25678:domain3.local, Service=Traveler) (AlertOrigin=Sentry, AlertId=HTTP503) Got exception during device-to-server processing, Sentry reporting error to client:java.net.SocketTimeoutException: Read timed out