Can't see messages from Fortigate

lukis · July 19, 2017, 11:30am

Hello,

I have new graylog 2.2.1 installation on ubuntu server 16.04. It works fine with all of our network devices but when I enabled logging from our fortigate cluster I can’t see those logs. Graylog is processing messages from fortigate I see significantly grow of In and Out messages so messages are processed, but I can’t see those logs in sources or cat’t search it. Where could be the problem?

Best regards,
Lukasz

jochen · July 19, 2017, 11:39am

Try using a Raw/Plaintext input and extract the fields relevant for you with extractors or processing pipeline rules.

http://docs.graylog.org/en/2.2/pages/extractors.html
http://docs.graylog.org/en/2.2/pages/pipelines.html

lukis · July 19, 2017, 2:01pm

Plaintext helped. Now I need to build some extractors. Thanks for help!

system · August 2, 2017, 2:01pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Fortigate / fortinet Logs not collected Graylog Central (peer support)	4	4357	October 8, 2020
Graylog doesn't parse logs from Fortigate 400D Graylog Central (peer support)	2	1640	August 31, 2018
Fortigate Issues Graylog Central (peer support)	1	1775	December 6, 2017
Problem displaying Fortigate log messages Graylog Add-ons pipeline-rules	7	4380	August 24, 2020
Syslog Messages and Parsing Fortinet Graylog Central (peer support)	1	605	July 31, 2019

Can't see messages from Fortigate

Related topics