Fortinet black logo

External Systems Configuration Guide

Syslog over TLS

To receive syslog over TLS, a port must be enabled and certificates must be defined. The following configurations are already added to phoenix_config.txt in Super/Worker and Collector nodes.

FortiSIEM 5.x:

listen_tls_port_list=6514

tls_certificate_file=/etc/pki/tls/certs/tls_self_signed.crt

tls_key_file=/etc/pki/tls/private/tls_self_signed.key

FortiSIEM 6.x:

listen_tls_port_list=6514

tls_certificate_file=/etc/pki/tls/certs/localhost.crt

tls_key_file=/etc/pki/tls/private/localhost.key

Note: the syslog over TLS client must be configured to communicate properly with FortiSIEM.

To receive syslog over TLS, a port must be enabled and certificates must be defined. The following configurations are already added to phoenix_config.txt in Super/Worker and Collector nodes.

FortiSIEM 5.x:

listen_tls_port_list=6514

tls_certificate_file=/etc/pki/tls/certs/tls_self_signed.crt

tls_key_file=/etc/pki/tls/private/tls_self_signed.key

FortiSIEM 6.x:

listen_tls_port_list=6514

tls_certificate_file=/etc/pki/tls/certs/localhost.crt

tls_key_file=/etc/pki/tls/private/localhost.key

Note: the syslog over TLS client must be configured to communicate properly with FortiSIEM.