Fortinet

Fortinet provides a rich stream of network telemetry which helps identify attackers in flight.

Data Types

  • Firewall
  • Web Proxy

Configuration

Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-1/FMG-FAZ/2400_System_Settings/1600_Log%20Forwarding/0400_Configuring.htm

  1. In the FortiAnalyzer console, go to System Settings > Log Forwarding.
  2. Click Create New in the toolbar.
  3. Name the output "CYDERES".
  4. Select "Common Event Format (CEF)" for the Remote Server Type.
  5. For the Server IP, enter the IP address of your CYCLOPS appliance.
  6. For Sending Frequency, select "Real-time".
  7. Choose to send logs from "All FortiGates" with no filters.
  8. Select OK to save the configuration.
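
To confirm that what reaches the collector really is CEF once the output is saved, the following added example (not part of the original page, and not Fortinet or CYDERES tooling) parses a received line, honoring escaped pipes in the header and escaped equals signs in the extension. The sample line, its hostname and all of its field values are constructed for illustration.

```python
import re

HEADER = ["version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity"]
KEY = re.compile(r"(?:^|\s)([A-Za-z0-9_.\-]+)=")  # key followed by an unescaped '='
# Constructed sample: syslog prefix, escaped '|' in the name, escaped '=' in msg.
SAMPLE = (r"<189>Jan 01 00:00:00 faz.example CEF:0|Fortinet|Fortigate|v5.6.1|00013|"
          r"traffic\|forward close|3|src=192.0.2.10 dst=198.51.100.7 "
          r"msg=rule name\=allow web act=close")

def split_header(body):
    """Return the 7 header fields and the remaining extension string."""
    fields, cur, i = [], [], 0
    while i < len(body) and len(fields) < len(HEADER):
        ch = body[i]
        if ch == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])   # keep the escaped character literally
            i += 2
            continue
        if ch == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(fields) < len(HEADER):
        raise ValueError("truncated CEF header")
    return fields, body[i:]

def unescape(value):
    special = {"n": "\n", "r": "\r"}
    return re.sub(r"\\(.)", lambda m: special.get(m.group(1), m.group(1)), value)

def parse_extension(ext):
    """Split 'k=v k=v' pairs; values may contain spaces and escaped '='."""
    hits = list(KEY.finditer(ext))
    out = {}
    for m, nxt in zip(hits, hits[1:] + [None]):
        end = nxt.start() if nxt else len(ext)
        out[m.group(1)] = unescape(ext[m.end():end])
    return out

def parse_cef(line):
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF marker: check the Remote Server Type setting")
    fields, ext = split_header(line[start + 4:].rstrip("\r\n"))
    event = dict(zip(HEADER, fields))
    event["extension"] = parse_extension(ext)
    return event
```

A line that raises `ValueError` here is arriving in some other format, which usually points back to step 4.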