Fortinet provides a rich stream of network telemetry which helps identify attackers in flight.
- Web Proxy
- In the FortiAnalyzer console, go to System Settings > Log Forwarding.
- Click Create New in the toolbar.
- Name the output "CYDERES".
- Select "Common Event Format (CEF)" for the Remote Server Type.
- For the Server IP, enter in the IP of your CYCLOPS appliance.
- For Sending Frequency, select "Real-time".
- Choose to send logs from "All FortiGates" with no filters.
- Select OK to save the configuration.