Dear All,
I have just installed GrayLog Open server on the below
Rocky Linux 8.8
graylog-enterprise-5.0.13-1.x86_64
I want to send my forgate 1500D logs to graylog server
can anyone advise me and also help me with some links which could guid me
first time installed gray log server
thnaks and regards
simon
Hi, there is some old Blogpost about Syslog Ingest.
And for Fortinet you can take a look at
/hasturo
Dear Husturo,
Thanks for your reply
BTW i have now downloaded n installed the below content pack
Fortigate 6.x Content Pack for graylog3 by patrick ritche from github.
Binf IP is 0.0.0.0 and syslog port is 1500
Appreciate your kind help in troubleshooting the issue
regards
simon
Check Date/Time on Gryalog server.
dear smith,
Thanks for the reply
time is fine on server
Just to check I created a new input and here the settings
on Graylog server
bind_address: 0.0.0.0
charset_name: UTF-8
number_worker_threads: 10
override_source:
port: 11514
recv_buffer_size: 262144
On FortyGate
KWM-FG # sh log syslogd setting
config log syslogd setting
set status enable
set server “Graylog Server IP”
set port 11514
end
The above config works fine when I select default stream or if the search stream bar is empty
Now if I select from the same search bar fortgaite traffic logs its empty but I see there in in/out bytes value changing
attached is a snapshot of my dashboard
appreciate your advice and assistance
Also dashboard are blank
Server is enterprise 5.0.13
regards
simon
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
