Fortinet Document Library


External Systems Configuration Guide

Change Log

Date Change Description
2018-05-23 Initial version of the guide.
2018-07-24 Revision 2 with a new section under Windows Server Configuration - Configuring Log Monitoring for Non-Administrative User.
2018-08-07 Revision 3 with updated section: Fortinet FortiGate Firewall
2018-09-12 Revision 4 with updated section: Microsoft Azure Audit
2018-09-26 Revision 5 with updated section: WatchGuard Firebox Firewall
2018-11-28 Revision 6 with updated section: Fortinet FortiGate Firewall > Configuring SSH on FortiSIEM to communicate with FortiGate
2019-01-29 Revision 7: updated section: Cisco FireSIGHT
2019-03-15 Revision 8: new section: Threat Intelligence
2019-03-28 Revision 9: updates the guide to reflect the new menu hierarchy in the FortiSIEM tool.
2019-04-24 Revision 10: added Carbon Black Security Platform under End Point Security Software.
2019-07-24 Revision 11: updated integration instructions for Microsoft Office 365 Audit.
2019-10-22 Revision 12: added Clavister Firewall and FortiADC devices. Added Active Directory User Discovery section to Microsoft Active Directory device. Corrections to SQL Server DDL Event Creation Script and SQL Server Database Level Event Creation Script.
2019-11-22 Revision 13: added Zeek (Bro) installation instructions for Security Onion, Cyberoam FortiADC, Epic SecuritySIEM, FortiEDR, FortiNAC, FortiDeceptor, Microsoft Network Policy Server, TrendMicro Deep Discovery. Changed the name of Cisco FireAMP to Cisco AMP Cloud V0. Changed the name of Cisco AMP to Cisco AMP Cloud V1.
2020-01-03 Revision 14: added CradlePoint.
2020-04-15 Revision 15: added Alert Logic Iris API, AWS Kinesis, AWS Security Hub, Cisco Amp, GitLab Cli, Azure Event Hub, Azure Compute, McAfee ePolicy Orchestrator, LastLine, Imperva Securesphere Web App Firewall, Imperva Securesphere DB Security Gateway, Imperva Securesphere DB Monitoring Gateway, Green League WVSS, FortiInsight, Damballa Failsafe, AWS EC2, Cisco Fireamp, Novell Netware, Green League RSAS, Checkpoint SmartCenter, FortiTester, Cisco Viptela, MobileIron, Duo, Indegy Industrial Cybersecurity Suite, Netwrix, Darktrace DCIP, Hirschmann SCADA Firewalls and Switches.
2020-07-22 Revision 16: Edits to Cisco AMP Cloud V0 and Cisco AMP Cloud V1.
2020-10-09 Revision 17: Added Alcide io KAudit, Stormshield Network Security and Tigera Calico
2020-12-18 Revision 18: Added note to AWS CloudTrail API Configuration
2021-01-05 Revision 19: Added Mapping Active Directory User Attributes to FortiSIEM User Attributes.
2021-02-03 Revision 20: Updated Malwarebytes to Malwarebytes Endpoint Protection.
2021-03-03 Revision 21: Added NetApp Data ONTAP Supported Version.
2021-03-18 Revision 22: Added Claroty Continuous Threat Detection, Corero Smartwall Threat Defense, Dragos Platform, Malwarebytes Breach Remediation, Oracle Cloud Access Security Broker (CASB), Proofpoint.
2021-04-05 Revision 23: Updated Linux server section.
2021-04-07 Revision 24: Updated AWS Kinesis for 6.2.0.
2021-04-16 Revision 25: Updated Microsoft Office 365 Audit "Create the Office 365 API Credential" steps.
2021-04-23 Revision 26: Added Salesforce Configuration for 6.2.0, 6.1.x, 5.4.0, 5.3.x, 5.2.x releases.
2021-11-30 Revision 27: Updated FortiSIEM External Ports Collector Communication table.
2021-12-06 Revision 28: Updated Enable WinRM and set authentication in Microsoft Windows Server.
2022-01-07 Revision 29: SNMP V3 Traps section added.
2022-03-01 Revision 30: Flow Support section added.
2022-03-02 Revision 31: Updated MySQL Server - Settings for MySQL Server JDBC Access Credentials for Database Auditing - Audit Table field.
