Graylog doesn't parse logs from Fortigate 400D

kaxoc · August 17, 2018, 7:40am

Hello! I’m trying to send logs from Fortigate 400D and all seems working at first glance:

But when i try to look at them, graylog shows “Nothing found”.

After that, i made several other inputs and tested them. Only Raw/Plaintesxt UDP worked for FortiGate 400D. But this is obvious that they are not readable in that format.

Does anybody solved this?

Thnks!

jan · August 17, 2018, 8:57am

maybe you can add more information to this issue: https://github.com/Graylog2/graylog2-server/issues/3854

your only option is to use the RAW Input and parse the messages with processing pipelines (or extractors) into something readable.

Topic		Replies	Views
Fortigate and Greylog Graylog Tech Challenges	4	3229	July 22, 2021
Can't see messages from Fortigate Graylog Central (peer support)	3	1598	August 2, 2017
Fortigate / fortinet Logs not collected Graylog Central (peer support)	4	4564	October 8, 2020
Fortigate extractors the NEW Marketplace	2	2884	March 28, 2024
Log can received from firewall but cannot show in search Graylog Central (peer support)	5	284	September 1, 2022

Graylog doesn't parse logs from Fortigate 400D

Related topics