Skip to content

Forward Fortinet logs

Configure Fortinet to forward syslog messages in CEF format.

Open the CLI on your Fortinet appliance and run the following commands:

config log syslogd setting
set status enable
set format cef
set port 514
set server <ip_address_of_Receiver>
end
  • Replace the server ip address with the IP address of the LogSentinel Collector.
  • Set the syslog port to 514 or the port you have configured.
  • To enable CEF format in early FortiOS versions, you might need to run the command set csv disable.

Note

For more information, go to the Fortinet document library. Select your version, and use the Handbook and Log Message Reference.