Real time logging to FortiAnalyzer and FortiCloud

FortiOS 5.6.0 adds new real-time logging options for FortiAnalyzer in System > Security Fabric and for FortiCloud in Log & Report > Log Settings. The default upload interval is still every 5 minutes, but the new options allow near real-time uploading and consistent high-speed compression and analysis.

For FortiAnalyzer, the CLI syntax to enable real-time is:

config log fortianalyzer setting
    set upload-option [realtime/1-minute/5-minute]
end

For FortiCloud:

config log fortiguard setting
    set upload-option [realtime/1-minute/5-minute]
end

Reliable Logging updated for real-time functionality (378937)

Previously, reliable logging was a feature for buffering and collecting logs for upload, to guarantee that no logs would be dropped before being passed to logging solutions. Reliable logging has been updated for 5.6.0 and is now enabled by default, so that real-time logs do not outpace upload speed.

It can be configured in the CLI with:

config log fortianalyzer setting
    set reliable [enable/disable]
end
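To check these settings across saved configuration backups rather than device by device, the following added example (not Fortinet's code or part of the original page) parses a backup and reports where upload is not real-time or reliable logging is off. The sample backup, the names `parse_sections`, `audit`, `DEFAULTS` and `WANTED`, and the rule that a setting missing from the backup is at its default are assumptions.

```python
# Constructed sample backup for illustration; not taken from a real device.
SAMPLE_CONFIG = """\
config system global
    set hostname "FGT-LAB"
end
config log fortianalyzer setting
    set status enable
    set upload-option realtime
    set reliable disable
end
config log fortiguard setting
    set status enable
end
"""

# Page-stated 5.6.0 defaults. Assumption: a setting absent from the backup is at its default.
DEFAULTS = {"upload-option": "5-minute", "reliable": "enable"}
# Wanted values; 'reliable' is only documented on this page for FortiAnalyzer.
WANTED = {"log fortianalyzer setting": {"upload-option": "realtime", "reliable": "enable"},
          "log fortiguard setting": {"upload-option": "realtime"}}


def parse_sections(text):
    """Return {section: {key: value}} from 'set' lines directly under each top-level config block."""
    sections, depth, current = {}, 0, None
    for line in text.splitlines():
        words = line.split() or [""]
        if words[0] in ("config", "edit"):      # both open a nested scope
            depth += 1
            if depth == 1:
                current = " ".join(words[1:])
                sections[current] = {}
        elif words[0] in ("end", "next"):       # both close one scope
            depth -= 1
        elif words[0] == "set" and depth == 1 and len(words) >= 3:
            sections[current][words[1]] = " ".join(words[2:]).strip('"')
    return sections


def audit(text):
    """Return one finding per setting that differs from WANTED, for sections present in the backup."""
    findings = []
    for name, settings in parse_sections(text).items():
        for key, wanted in WANTED.get(name, {}).items():
            actual = settings.get(key, DEFAULTS[key])
            if actual != wanted:
                findings.append(f"{name}: {key} is {actual}, expected {wanted}")
    return findings
```

Calling `audit(SAMPLE_CONFIG)` flags the disabled reliable setting for FortiAnalyzer and the default 5-minute upload for FortiCloud.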

FortiGate Logs can be sent to syslog servers in Common Event Format (CEF) (300128)
