
Author
Domsi
New Member
  • Joined: 2018/05/11 05:42:53
2020/02/11 04:05:25 (permalink)

Log Viewer

Hi.

I'm sending my logs to a syslog server (Synology NAS). The log files are hard to read, because the "message" column has dozens of values which can't be filtered. I can download the log files from syslog server, but as expected there is also the same message format. FortiAnalyzer is too expensive and I don't want to send my logs to FortiCloud...
 
I have tried some "log viewers" but they are also not able to divide the fields of the "message" part.

Do you know any viewer (maybe freeware) which can process the Forti logs, so that I can filter/hide columns?
#1


    Markus
    Gold Member
    • Joined: 2015/03/19 07:30:23
    • Location: Switzerland
    Re: Log Viewer 2020/02/11 04:36:24 (permalink)
    Hi

    If you are under 500MB/day of logs, you can use Splunk. There is also an app available from Fortinet, with already preconfigured dashboards. Kibana, Sexylog or Graylog are other open-source tools that maybe could fit. But they need some work to configure accordingly.

    Best
    #2
    Domsi
    New Member
    • Joined: 2018/05/11 05:42:53
    Re: Log Viewer 2020/02/12 00:22:01 (permalink)
    Thank you Markus.
     
    But I wasn't able to manage this in a suitable way with the recommended tools.
     
    I have enabled the "csv" format in the FortiGate settings. Then I have created a little application which reads the log files into a grid, where I can filter and adjust everything as I want.
    #3
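The approach Domsi describes in #3 (split the "message" part into separate fields, then filter and hide columns) can also be done with a short script instead of a grid application. The following is an added example, not code from this thread, from Domsi or from Fortinet: a small Python parser for the FortiGate default key=value syslog format, with row filtering, column selection, a per-column count and CSV export. The log lines are constructed samples, and the device name, device id and addresses in them are placeholders. The parser skips the syslog header in front of the first key=value pair and handles quoted values that contain spaces or escaped quotes, which is where naive splitting on spaces breaks.

```python
import csv
import io
import re
from collections import Counter
from typing import Dict, Iterable, List

# One key=value pair: the value is either a double-quoted string (backslash
# escapes allowed, so it may contain spaces) or a run of non-space characters.
PAIR_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')

# Constructed sample lines in the FortiGate default key=value syslog format.
# Device name, device id and IP addresses are placeholders, not real values.
SAMPLE_LINES = [
    '<189>Feb 11 04:05:25 fgt-lab date=2020-02-11 time=04:05:25 devname="fgt-lab" '
    'devid="FGEXAMPLE000000" logid="0000000013" type="traffic" subtype="forward" '
    'level="notice" vd="root" srcip=192.168.1.10 srcport=51234 srcintf="internal" '
    'dstip=203.0.113.5 dstport=443 dstintf="wan1" proto=6 action="accept" '
    'policyid=1 service="HTTPS" sentbyte=1450 rcvdbyte=5230',
    '<189>Feb 11 04:05:26 fgt-lab date=2020-02-11 time=04:05:26 devname="fgt-lab" '
    'devid="FGEXAMPLE000000" logid="0000000013" type="traffic" subtype="forward" '
    'level="notice" vd="root" srcip=192.168.1.22 srcport=40001 srcintf="internal" '
    'dstip=198.51.100.7 dstport=23 dstintf="wan1" proto=6 action="deny" '
    'policyid=0 service="TELNET" sentbyte=0 rcvdbyte=0',
    '<190>Feb 11 04:06:00 fgt-lab date=2020-02-11 time=04:06:00 devname="fgt-lab" '
    'devid="FGEXAMPLE000000" logid="0100032001" type="event" subtype="system" '
    'level="information" vd="root" user="admin" ui="https(192.168.1.10)" '
    'action="login" status="success" '
    'msg="Administrator admin logged in successfully from https(192.168.1.10)"',
]


def parse_kv_line(line: str) -> Dict[str, str]:
    """Split one FortiGate key=value log line into a dict of fields.

    Anything before the first key=value pair (the syslog priority, timestamp
    and hostname) contains no '=' and is simply not matched.
    """
    fields: Dict[str, str] = {}
    for key, raw in PAIR_RE.findall(line):
        if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
            value = raw[1:-1].replace('\\"', '"')  # unquote and unescape
        else:
            value = raw
        fields[key] = value
    return fields


def parse_lines(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Parse every non-empty line; each row is one dict of fields."""
    return [parse_kv_line(line) for line in lines if line.strip()]


def all_columns(rows: List[Dict[str, str]]) -> List[str]:
    """Union of field names across rows, in first-seen order."""
    cols: List[str] = []
    for row in rows:
        for key in row:
            if key not in cols:
                cols.append(key)
    return cols


def filter_rows(rows: List[Dict[str, str]], **conditions: str) -> List[Dict[str, str]]:
    """Keep rows whose fields equal every given condition, e.g. action="deny"."""
    return [r for r in rows if all(r.get(k) == v for k, v in conditions.items())]


def project(rows: List[Dict[str, str]], columns: List[str]) -> List[List[str]]:
    """Hide every column not listed; fields missing from a row become ''."""
    return [[r.get(c, "") for c in columns] for r in rows]


def count_by(rows: List[Dict[str, str]], column: str) -> Counter:
    """Count rows per distinct value of one column (e.g. denies per srcip)."""
    return Counter(r.get(column, "") for r in rows)


def to_csv(rows: List[Dict[str, str]], columns: List[str]) -> str:
    """Render the selected columns as CSV text with a header row."""
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(columns)
    writer.writerows(project(rows, columns))
    return buf.getvalue()


if __name__ == "__main__":
    rows = parse_lines(SAMPLE_LINES)
    cols = ["date", "time", "type", "srcip", "dstip", "dstport", "action", "msg"]
    print(to_csv(filter_rows(rows, type="traffic"), cols))
    print("denied connections per source:", count_by(filter_rows(rows, action="deny"), "srcip"))
```

To use it on a real export, replace SAMPLE_LINES with the lines of the file downloaded from the syslog server and pick the columns you want in `cols`; `all_columns` lists every field name the file contains. For files in the CSV format Domsi enabled, the standard csv module already splits the fields, and only the filtering and projection functions are needed.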
    humblePie
    New Member
    Re: Log Viewer 2020/02/19 07:21:58 (permalink)
    And for other newbies like me, who are dangerous but want to learn, here is what I did to import to Splunk: Well, I wrote up a detailed set of instructions (with "issues", but like I said, newbie like me and dangerous) then ran across this, which will give much more satisfactory results.
    https://www.fortinet.com/content/dam/fortinet/assets/alliances/Fortinet-Splunk-Deployment-Guide.pdf
     
    post edited by humblePie - 2020/02/20 03:45:43
    #4
    lobstercreed
    Gold Member
    • Joined: 2018/11/28 14:57:58
    • Location: Sedalia, MO
    Re: Log Viewer 2020/02/25 08:31:43 (permalink)
    Do you have the ability to run FortiAnalyzer on a VM? The license and maintenance is dirt cheap (~$1k/year for what we use) compared to the value you will get. It can also serve as an excellent syslog server for anything else you may want to throw at it.
    #5