Fortinet FortiManager
What is Discovered and Monitored
Protocol | Information Discovered | Metrics Collected | Used For |
---|---|---|---|
SNMP | Host name, Hardware model, Network interfaces, Operating system version | Uptime, CPU and Memory utilization, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths) | Availability and Performance Monitoring |
Event Types
Regular monitoring events
- PH_DEV_MON_SYS_CPU_UTIL
- PH_DEV_MON_SYS_MEM_UTIL
- PH_DEV_MON_SYS_DISK_UTIL
- PH_DEV_MON_NET_INTF_UTIL
Rules
Regular monitoring rules
Reports
Regular monitoring reports
Configuration
Configuring FortiManager to send Local Logs to Syslog Server
To configure FortiManager to sent local logs to the syslog server, take the following steps:
-
Go to System Settings > Advanced > Syslog Server to configure syslog server settings.
-
Double-click on a server, right-click on a server, and then select Edit from the menu, or select a server then click Edit in the toolbar. The Edit Syslog Server Settings pane opens.
-
Edit the settings as required, and then click OK to apply the changes.
Configuring FortiManager for Security and Compliance and Perf Logs
To configure FortiManager for Security and Compliance and Perf Logs, take the following steps:
-
Go to System Settings > Advanced > SNMP to configure the SNMP agent.
-
Select an SNMP Agent to enable/Select the Enable checkbox.
-
Configure the SNMP Agent.
Configure an SNMPv3 User
-
Go to System Settings > Advanced > SNMP and ensure the SNMP agent is enabled.
-
In the SNMP v3 section, click Create New in the toolbar. The New SNMP User pane opens. Enter the following:
-
In the User Name field, enter "fortisiem".
-
In Security Level, select Authentication, Privacy.
-
Select Authentication Algorithm (SHA1, MD5) the Private Algorithm (AES, DES).
-
Select SHA1 and enter the password.
-
Select AES and enter the password.
-
Select Queries to enable, and leave the default port UDP to 161.
-
In the Notification Hosts field, enter the FortiSIEM collector IP address.
-
In SNMP Event, select all events.
-
Click Save.
-
You can now configure FortiSIEM to communicate with FortiManager. For more information, refer to sections "Discovery Settings" and "Setting Credentials" in the User Guide. For Device Type Fortinet FortiManager, see Access Credentials.