-
SuggestedSuggested
- How It Works Streama© is the foundation of Coralogix's stateful streaming data platform, based on our 3 “S” architecture – source, stream, and sink.
- How Monday.com Improved Monitoring to Spend Less Time Searching for Issues Monday.com uses Coralogix to centralize and standardize their logs so they can easily search their logs across the entire stack.
- Creating a Free Data Lake with Coralogix Like many cool tools out there, this project started from a request made by a customer of ours. Having recently migrated to our service, this customer...
Oh no!
Oh no!We didn’t find anything for “”,
please try a different search
Breaking News from AWS re:Invent
Coralogix receives AWS Rising Star award!
FortiGate
FortiGate traffic logs are essential records of network activity generated by Fortinet’s security appliances, providing valuable insights into the traffic patterns, security events, and performance of your network. Send these logs to Coralogix to gain a comprehensive and real-time view of your network’s health and security. With the power of data-driven insights, you can optimize network performance, troubleshoot issues faster, and make informed decisions to enhance your organization’s overall security posture.
This integration guides you on how to configure FortiGate with syslog using OpenTelemetry.
Prerequisites
To ship syslog messages from your FortiGate setup to an OpenTelemetry Collector setup, you are required to satisfy the following prerequisites:
- Syslog over TCP. Configure your FortiGate device to send syslog messages using TCP as the transport protocol.
- Syslog Format. The syslog message format should comply with RFC 5424.
- Destination Address and Port. Set the destination address to the IP address where OpenTelemetry Collector is running and set the destination port to 54526, as defined in your configuration.
- Timestamp Configuration [optional]. We recommend synchronizing your FortiGate device time with a UTC NTP server to match the
location: UTCdefined in your OpenTelemetry setup.
Configuration
Configure Fortigate with syslog using OpenTelemetry.
Example
The following is an example of a receiver configuration:
receivers:
syslog:
tcp:
listen_address: "0.0.0.0:54526"
protocol: rfc5424
operators:
- type: syslog_parser
protocol: rfc5424
parse_from: body
parse_to: body
- type: remove
field: attributes
Customers who have configured syslog protocol RFC 5424 and syslog over TCP should configure the parameter enable_octet_counting=True, as follows:
receivers:
syslog:
tcp:
listen_address: "0.0.0.0:54526"
protocol: rfc5424
enable_octet_counting: true
operators:
- type: syslog_parser
protocol: rfc5424
parse_from: body
parse_to: body
- type: remove
field: attributes
Find out more here.
Additional Resources
| Documentation | Syslog using OpenTelemetry |
Support
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].