How to configure collecting FortiGate log messages and sending them to Sumo Logic.

Comments

  • Andrzej Stefański

    Hi So, 

    To make a connection between the on-prem and cloud environments, in the case of FortiGate we use an Installed Collector as described in the document you reference. On the Installed Collector we create a Syslog Source, which exposes a syslog interface where FortiGate can push logs. In such a case FortiGate delivers logs to a local endpoint, and all the risk of connectivity issues with the cloud environment and the hurdle of encrypting data in transfer to the cloud is on the collector and jumphost.

    The bottom line is that the currently advised and supported way is to install a Collector close to the FortiGate and configure a Syslog Source where FortiGate will upload the logs.

     
