Fortinet black logo

External Systems Configuration Guide

HyTrust CloudControl

HyTrust CloudControl

What is Discovered and Monitored

Protocol Information Discovered Data Collected Used for
Syslog (CEF format) - Over 70 event types Security and Compliance

Event Types

In RESOURCES > Event Types, search for "HyTrust-" in the main content panel Search... field to see the event types associated with this device or application.

Sample Event Type:

<172>Mar 22 03:32:36 htcc136.test.hytrust.com local5: CEF:0|HyTrust|HyTrust CloudControl|5.0.0.50821|ARC0031|TEMPLATE_OPERATION_ERRORED_ERR|6| rt=Mar 22 2017 03:32:36.196 UTC act=HostOperation dst=192.168.213.154 src=192.168.213.10 suser=ARC deviceExternalId=6u1b-esxi2.test.hytrust.com deviceFacility=HostSystem msg=Template operation VHG6.0 esxi-check-patch-version error  on host 6u1b-esxi2.test.hytrust.com (192.168.213.154). privilege={}

Rules

There are no specific rules but generic rules for Security Manager and Generic Servers apply.

Reports

There are no specific reports but generic rules for Security Manager and Generic Servers apply.

Configuration

Configure HyTrust CloudControl to send syslog on port 514 to FortiSIEM.

HyTrust CloudControl

What is Discovered and Monitored

Protocol Information Discovered Data Collected Used for
Syslog (CEF format) - Over 70 event types Security and Compliance

Event Types

In RESOURCES > Event Types, search for "HyTrust-" in the main content panel Search... field to see the event types associated with this device or application.

Sample Event Type:

<172>Mar 22 03:32:36 htcc136.test.hytrust.com local5: CEF:0|HyTrust|HyTrust CloudControl|5.0.0.50821|ARC0031|TEMPLATE_OPERATION_ERRORED_ERR|6| rt=Mar 22 2017 03:32:36.196 UTC act=HostOperation dst=192.168.213.154 src=192.168.213.10 suser=ARC deviceExternalId=6u1b-esxi2.test.hytrust.com deviceFacility=HostSystem msg=Template operation VHG6.0 esxi-check-patch-version error  on host 6u1b-esxi2.test.hytrust.com (192.168.213.154). privilege={}

Rules

There are no specific rules but generic rules for Security Manager and Generic Servers apply.

Reports

There are no specific reports but generic rules for Security Manager and Generic Servers apply.

Configuration

Configure HyTrust CloudControl to send syslog on port 514 to FortiSIEM.