Log can received from firewall but cannot show in search

Soradej · August 17, 2022, 9:17am

Hi everyone.

I’m a new member for graylog. This application is version interesting to use but I have some problem as below.

I installed new graylog version 4.3.5 on CentOS 7.9 and try to get syslog from pfSense and Fortigate Firewall.

For pfSense, can get and can show in search page.
For Fortigate, can get log but cannot show in search page.
I had set timezone in graylog config to Asia/Bangkok

How can I solve this problem?
Please kindly help me.

H2Cyber · August 17, 2022, 4:17pm

For Fortinet, make sure you setup a Raw UDP input in Graylog. On the Fortinet side of things, you can tweak the syslog destination port using the following commands :

config log syslogd setting
set status enable
set port XXXX

where XXXX is the UDP port number for the Raw UDP input in Graylog

Soradej · August 18, 2022, 3:43am

Fortinet can send log to graylog as image but cannot show in search.

Soradej · August 18, 2022, 3:44am

Search’s screen shot

Soradej · August 18, 2022, 3:16pm

I’m very wonder in graylog.
This afternoon after login, I can search log from Fortigate and can collect some log as my requirement.

Thank you everyone so much.

system · September 1, 2022, 3:17pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Fortigate / fortinet Logs not collected Graylog Central (peer support)	4	4131	October 8, 2020
Missing Log Source Graylog Central (peer support)	2	783	April 3, 2019
Pfsense Syslog issue Graylog Central (peer support)	16	3450	June 16, 2020
I have to integrate fortigate with graylog for 1 client, if i have another client same firewall fortigate, what are the configuration changes need to be done Graylog Central (peer support)	2	374	August 25, 2023
Fortinet FG300E log collection error Graylog Central (peer support)	2	1145	October 2, 2019

Log can received from firewall but cannot show in search

Related topics