FortiGate Firewall Content Pack Tested with FortiOS 5.4.0/Graylog 1.3
This content pack provides the following dashboards:
- FortiGate Network Activity - Last 24 Hours
- FortiGate System Activity - Last 24 Hours
- FortiGate Threat Summary - Last 24 Hours
- FortiGate Web Activity - Last 24 Hours
Also Includes:
- FortiGate Syslog UDP (Syslog tcp 30000)
- Extractors (Regular Expressions)
- Dashboards
Requirements:
FortiGate Firewall (or FortiAnalyzer) with SYSLOG configured for tcp 30000.
- Import the Content Pack
- Import the extractors
- Point FortiGate syslog to Graylog
Note: As time permits, I hope to create GROK patterns; however, feel free to contribute to and improve upon this submission.
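The extractors in this pack split FortiOS key=value log lines into fields with regular expressions. The following is an added stand-alone example (not part of the content pack) of the same parsing logic, including the edge case of quoted values that contain spaces; the sample log lines are constructed for illustration and are not real device output.

```python
import re
from collections import Counter

# A value is either a double-quoted string (may contain spaces, '=' or
# parentheses) or a run of non-space characters. The quoted branch is
# tried first so "United States" is not split at the space.
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')
PRI_RE = re.compile(r'^<\d{1,3}>')  # syslog priority header, e.g. <189>


def parse_fortigate_line(line):
    """Split one FortiOS key=value log line into a dict of fields."""
    body = PRI_RE.sub('', line.strip(), count=1)
    fields = {}
    for key, value in KV_RE.findall(body):
        if value.startswith('"') and value.endswith('"'):
            value = value[1:-1].replace('\\"', '"')  # unquote
        fields[key] = value
    return fields


def summarize(lines):
    """Count events by (type, subtype) and by action; these are the kinds
    of aggregations the Network Activity / Threat Summary dashboards show."""
    by_type, by_action = Counter(), Counter()
    for line in lines:
        f = parse_fortigate_line(line)
        if not f:
            continue
        by_type[(f.get('type', '?'), f.get('subtype', '?'))] += 1
        by_action[f.get('action', '?')] += 1
    return by_type, by_action


# Constructed sample lines in FortiOS 5.4 style (placeholder device ids).
SAMPLE_LINES = [
    '<189>date=2016-03-01 time=10:22:31 devname=FGT-demo devid=FG000000000000 '
    'logid=0000000013 type=traffic subtype=forward level=notice vd=root '
    'srcip=10.0.0.5 srcport=51234 srcintf="internal" dstip=203.0.113.20 '
    'dstport=443 dstintf="wan1" proto=6 action=close policyid=1 '
    'service="HTTPS" dstcountry="United States" sentbyte=1500 rcvdbyte=3000',
    '<188>date=2016-03-01 time=10:22:35 devname=FGT-demo devid=FG000000000000 '
    'logid=0419016384 type=utm subtype=ips level=warning vd=root severity=high '
    'srcip=203.0.113.9 dstip=10.0.0.5 action=dropped '
    'attack="Constructed.Test.Signature" msg="ips test event (constructed)"',
]

if __name__ == '__main__':
    for line in SAMPLE_LINES:
        print(parse_fortigate_line(line))
    print(summarize(SAMPLE_LINES))
```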