Fortinet

Fortinet provides a rich stream of network telemetry which helps identify attackers in flight.

Data Types

  • FORTINET_FIREWALL

Configuration

Reference: https://help.fortinet.com/fa/faz50hlp/56/5-6-1/FMG-FAZ/2400_System_Settings/1600_Log%20Forwarding/0400_Configuring.htm

  1. In the FortiAnalyzer console, navigate to System Settings > Log Forwarding
  2. Click Create New in the toolbar
  3. Name the output "Cyderes"
  4. Select "Common Event Format (CEF)" for the Remote Server Type
  5. For the Server IP, enter the IP address of the CYCLOPS appliance
  6. For Sending Frequency, select "Real-time"
  7. Choose to send logs from "All FortiGates" with no filters
  8. Select OK to save the configuration
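
Once forwarding is saved, a quick receiver-side check is to confirm that what arrives is well-formed CEF from the expected vendor. The parser below is an added example, not part of the original page or of any Fortinet or Cyderes code; the sample line, its syslog prefix and all field values are constructed for illustration.

```python
import re

# Constructed sample of a forwarded FortiGate traffic log in CEF.
# Every value here is illustrative, not captured from a real device.
SAMPLE = (
    "<189>Jan 10 12:00:01 faz01 CEF:0|Fortinet|Fortigate|v5.6.0|00013|"
    "traffic:forward close|3|deviceExternalId=FGT-CONSTRUCTED-0001 "
    "src=10.0.0.5 spt=51544 dst=192.0.2.10 dpt=443 act=close "
    "msg=policy a\\=b test FTNTFGTsubtype=forward"
)

HEADER_FIELDS = ("version", "vendor", "product", "device_version",
                 "signature_id", "name", "severity")


def parse_cef(line):
    """Parse one CEF record and return (header dict, extension dict)."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF marker; check the Remote Server Type")
    # Seven header fields are separated by pipes; a pipe preceded by a
    # backslash is treated as escaped. The eighth part is the extension.
    parts = re.split(r"(?<!\\)\|", line[start + 4:], maxsplit=7)
    if len(parts) != 8:
        raise ValueError("incomplete CEF header")
    header = {k: v.replace("\\|", "|").replace("\\\\", "\\")
              for k, v in zip(HEADER_FIELDS, parts[:7])}
    # Extension is key=value pairs. Values may contain spaces, and a
    # literal '=' inside a value is escaped as '\=', so a key is a word
    # that starts the string or follows whitespace and ends at '='.
    body = parts[7]
    keys = list(re.finditer(r"(?:^|\s)(\w+)=", body))
    ext = {}
    for i, m in enumerate(keys):
        end = keys[i + 1].start() if i + 1 < len(keys) else len(body)
        ext[m.group(1)] = body[m.end():end].strip().replace("\\=", "=")
    return header, ext


def is_fortinet_cef(line):
    """True if the line parses as CEF and names Fortinet as the vendor."""
    try:
        header, _ = parse_cef(line)
    except ValueError:
        return False
    return header["vendor"] == "Fortinet"


if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```
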