FortiGate

Install FortiGate Add-on for Splunk

FortiGate Add-on for Splunk

  • You can install the FortiGate Add-on for Splunk on a search head, indexer, forwarder or single-instance Splunk server.

Install FortiGate Application for Splunk

FortiGate Application for Splunk

  • Download and install the App

  • Settings > Data models > Fortinet FOS Log: enable acceleration

  • /opt/splunk/bin/splunk restart

  • In the Search & Reporting app, search index=fortigate and check the sourcetype field (fortigate_traffic, fortigate_utm, fortigate_event)

  • Enterprise Security -> Security Domains
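The sourcetype check in the steps above can be scripted. This is an added example, not part of the add-on or the Fortinet guide: it reads the CSV result of `index=fortigate | stats count by sourcetype` and reports which of the three sourcetypes are missing. The function name, the 15-minute window and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: confirm that all three FortiGate sourcetypes named in the
# steps above are arriving in index=fortigate.
#
# Live use (assumes the /opt/splunk install path shown on this page):
#   /opt/splunk/bin/splunk search \
#     'index=fortigate earliest=-15m | stats count by sourcetype' \
#     -output csv | missing_sourcetypes

EXPECTED="fortigate_traffic fortigate_utm fortigate_event"

# Reads "sourcetype,count" CSV on stdin. Prints every expected sourcetype
# that is absent or has a zero count, space separated; prints nothing when
# all three are present.
missing_sourcetypes() {
    csv=$(tr -d '"\r')          # drop CSV quoting and CR line endings
    missing=""
    for st in $EXPECTED; do
        # Exact match on column 1 with a count above zero in column 2.
        if ! printf '%s\n' "$csv" |
             awk -F, -v st="$st" \
                 '$1 == st && $2 + 0 > 0 { found = 1 } END { exit !found }'
        then
            missing="$missing $st"
        fi
    done
    printf '%s' "${missing# }"
}

# Constructed sample output (not from a real deployment): traffic and event
# logs are indexed, UTM logs are not.
SAMPLE_CSV='sourcetype,count
fortigate_traffic,1842
fortigate_event,37'

result=$(printf '%s\n' "$SAMPLE_CSV" | missing_sourcetypes)
if [ -n "$result" ]; then
    echo "missing sourcetypes in index=fortigate: $result"
else
    echo "all FortiGate sourcetypes present"
fi
```

A missing fortigate_utm or fortigate_event sourcetype usually points at the FortiGate side, where the corresponding log categories may not be forwarded over syslog.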

  • Fortinet-Splunk-Deployment-Guide

  • Technical Tip: How to configure syslog on FortiGate
