FAZ and Syslog server | Fortinet Technical Discussion Forums

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Docs Library, KB

Mark Thread UnreadFlat Reading Mode ❐

AnsweredHot!FAZ and Syslog server

Author Post Essentials Only Full Version
MegaSistemas New Member Total Posts : 11 Scores: 0 Reward points: 0 Joined: 2018/06/05 08:12:14 Status: offline 2018/08/21 08:54:29 (permalink) 0 FAZ and Syslog server Hello guys For a while I used FAZ to get the information from our FGT and reports, but the cost is relevant and then some questions have arisen. The Syslog server has only the function of storing the data and FGT would not query this Syslog data, right? Can we use the Syslog server to receive the data by hosting in a database so that we can make selects to extract information and thus to stop using the FAZ? Which Syslog server would you indicate for this purpose and which can be used with FGT and other network assets? Have you ever used any tool like Power BI to extract information instead of using FAZ? Thank you for your support! Hugs #1 See best answerList Solutions Only 6 Replies Related Threads
emnoc Expert Member Total Posts : 5209 Scores: 339 Reward points: 0 Joined: 2008/03/20 13:30:33 Location: AUSTIN TX AREA Status: offline Re: FAZ and Syslog server 2018/08/21 09:17:55 (permalink) ☼ Best Answerby MegaSistemas 2018/08/30 10:23:59 0 The Syslog server has only the function of storing the data and FGT would not query this Syslog data, right? Correct Can we use the Syslog server to receive the data by hosting in a database so that we can make selects to extract information and thus to stop using the FAZ? Correct Which Syslog server would you indicate for this purpose and which can be used with FGT and other network assets? You have many to use splunk is good , loggly is great , Alertlogic, and papertrails is ideal ( I'm using the latter in a few FGT/PANOS deployments for analysis and it works great for writing log triggers or "alerts" ) Have you ever used any tool like Power BI to extract information instead of using FAZ? NO , see the above suggestions and review them. A 3rd option if a remote-logging service solutions are pricey; is to build a log-server that inject the log messages into a sql database and then build a interface to SELECT FROM on the fields and and log-type. I have a business partner that could do this for you , contact me via PM and I will refer you to them. Ken PCNSE, NSE , Forcepoint , StrongSwan Specialist #2
tanr Platinum Member Total Posts : 681 Scores: 31 Reward points: 0 Joined: 2016/05/09 17:09:43 Status: offline Re: FAZ and Syslog server 2018/08/21 09:48:00 (permalink) 0 Ken, I thought there was an issue with Fortinet using non-standard / extended syslog formats, that the various syslog servers had problems with. Is this no longer an issue? #3
emnoc Expert Member Total Posts : 5209 Scores: 339 Reward points: 0 Joined: 2008/03/20 13:30:33 Location: AUSTIN TX AREA Status: offline Re: FAZ and Syslog server 2018/08/21 10:34:18 (permalink) ☄ Helpfulby tanr 2018/08/21 10:36:42 0 No it's not a issue and can be over come. Also you have a host of other support types CEF or Brief and CSV format. Splunk and syslog-ng for example has modules or addons for CEF format and others formats http://socpuppet.blogspot.com/2017/08/fortios-cef-formatted-logs.html http://socpuppet.blogspot.com/2018/03/fortios-logging-bried.html You will have to test your support and what you need PCNSE, NSE , Forcepoint , StrongSwan Specialist #4
tanr Platinum Member Total Posts : 681 Scores: 31 Reward points: 0 Joined: 2016/05/09 17:09:43 Status: offline Re: FAZ and Syslog server 2018/08/21 10:36:58 (permalink) 0 Great info, thanks! #5
mike_ronn331 New Member Total Posts : 3 Scores: 0 Reward points: 0 Joined: 2019/04/27 05:50:57 Status: offline Re: FAZ and Syslog server 2019/05/09 17:44:22 (permalink) 0 We have a short list of the finest free of cost SYSLOG Server Softwares here for the convenience of our users. Well! there are different kinds of free and paid software available in the market. You can browse and find out the best one. Here i like to talk about some software like Syslog Watcher is amazing software for handling log events that feature a multi-threaded design for improved performance. It means to say that the course of gathering logs and treating them is diverse and that’s why one does not restrict with the other. Because of it you are guaranteed that all events from all your devices are logged to the server. So in case you need to go in detail then you can go for this link https://appuals.com/the-5-best-free-syslog-server-softwares/ and find out a lot more. post edited by mike_ronn331 - 2019/05/22 10:41:35 #6
itsupport@geddesfederal.com New Member Total Posts : 3 Scores: 0 Reward points: 0 Joined: 2016/11/29 13:04:14 Status: offline Re: FAZ and Syslog server 2019/08/06 13:43:16 (permalink) 0 Hmm not familiar with FAZ. Whether you store to syslog files or a database you would need to extract the data, for a database importing and extraction of syslog data can be complicated. we use a syslog server forwarding to graylog. I think Elasticsearch Logstash and Kibana (ELK) may be viable also but a bit more complicated that graylog and standard syslog. #7

Jump to:

© 2019 APG vNext Commercial Version 5.5