Log can received from firewall but cannot show in search

Soradej · August 17, 2022, 9:17am

Hi everyone.

I’m a new member for graylog. This application is version interesting to use but I have some problem as below.

I installed new graylog version 4.3.5 on CentOS 7.9 and try to get syslog from pfSense and Fortigate Firewall.

For pfSense, can get and can show in search page.
For Fortigate, can get log but cannot show in search page.
I had set timezone in graylog config to Asia/Bangkok

How can I solve this problem?
Please kindly help me.

H2Cyber · August 17, 2022, 4:17pm

For Fortinet, make sure you setup a Raw UDP input in Graylog. On the Fortinet side of things, you can tweak the syslog destination port using the following commands :

config log syslogd setting
set status enable
set port XXXX

where XXXX is the UDP port number for the Raw UDP input in Graylog

Soradej · August 18, 2022, 3:43am

Fortinet can send log to graylog as image but cannot show in search.

Soradej · August 18, 2022, 3:44am

Search’s screen shot

Soradej · August 18, 2022, 3:16pm

I’m very wonder in graylog.
This afternoon after login, I can search log from Fortigate and can collect some log as my requirement.

Thank you everyone so much.

Topic		Replies	Views
Fortigate / fortinet Logs not collected Graylog Central (peer support)	4	4560	October 8, 2020
View FortyGate Firewall Logs Graylog Central (peer support)	5	491	March 14, 2024
How to add pfsense input into graylog. what configuration should be done on pfsense and graylog Graylog Central (peer support)	6	1762	September 25, 2023
I get a log For Device system Alerts received message but No results on search page Help Me Graylog Central (peer support) pipeline-rules	7	1401	July 27, 2020
Can't see messages from Fortigate Graylog Central (peer support)	3	1596	August 2, 2017

Log can received from firewall but cannot show in search

Related topics