FortiGate
Install FortiGate Add-on for Splunk
You can install the FortiGate Add-on for Splunk on a search head, indexer, forwarder, or single-instance Splunk server.
Install FortiGate Application for Splunk
FortiGate Application for Splunk
Download and install the App
Settings, Data models, Fortinet FOS Log, accelerate
/opt/splunk/bin/splunk restart
Search & Reporting App, index=fortigate, check the sourcetype field (fortigate_traffic, fortigate_utm, fortigate_event)
Enterprise Security -> Security Domains
Fortinet-Splunk-Deployment-Guide
Technical Tip: How to configure syslog on FortiGate