Fortinet black logo

FortiSIEM Reference Architecture Using ClickHouse

Home FortiSIEM 7.1.0 FortiSIEM Reference Architecture Using ClickHouse
7.1.0
7.1.6
7.1.5
7.1.4
7.1.3
7.1.2
7.1.1
7.1.0
7.0.3
7.0.2
7.0.1
7.0.0
6.7.9
6.7.8
6.7.7
6.7.6
6.7.5
6.7.4
6.7.3
6.7.2
6.7.1
6.7.0

Monitoring Network Devices

Monitoring Network Devices

Network device monitoring is typically performed by:

  • SNMP for performance and availability monitoring

  • SSH for configuration monitoring

  • Syslog for device log monitoring

  • Some devices also have platform specific integration via API or similar

Choose the device monitoring method(s) based on the device monitoring use-case, for example:

  • Use syslog alone for basic log ingestion

  • Add SNMP for performance monitoring

  • Add SSH for configuration monitoring

Performing an SNMP discovery of network devices is generally recommended, as it results in the CMDB being populated with device information, performance monitors being enabled, and the FortiSIEM analyst benefiting from additional context and information.

Consult the FortiSIEM External Systems Configuration Guide at https://docs.fortinet.com/document/fortisiem/7.1.0/external-systems-configuration-guide/780675/fortisiem-external-systems-configuration-guide-online for supported devices and the specific protocols required to monitor them.

Previous
Next

Monitoring Network Devices

Network device monitoring is typically performed by:

  • SNMP for performance and availability monitoring

  • SSH for configuration monitoring

  • Syslog for device log monitoring

  • Some devices also have platform specific integration via API or similar

Choose the device monitoring method(s) based on the device monitoring use-case, for example:

  • Use syslog alone for basic log ingestion

  • Add SNMP for performance monitoring

  • Add SSH for configuration monitoring

Performing an SNMP discovery of network devices is generally recommended, as it results in the CMDB being populated with device information, performance monitors being enabled, and the FortiSIEM analyst benefiting from additional context and information.

Consult the FortiSIEM External Systems Configuration Guide at https://docs.fortinet.com/document/fortisiem/7.1.0/external-systems-configuration-guide/780675/fortisiem-external-systems-configuration-guide-online for supported devices and the specific protocols required to monitor them.

Previous
Next