FortiAnalyzer Version 3.0 MR7 Administration Guide
60
05-30007-0082-20080908
Config
System
Configuring an aggregation client
An aggregation client is a FortiAnalyzer unit that sends logs to a aggregation
server. These include models such as the FortiAnalyzer-100A/100B and
FortiAnalyzer-400.
To configure the aggregation client
1
Go to
System
>
Config
>
Log Aggregation
.
2
Select Enable log aggregation TO remote FortiAnalyzer.
3
Set the following settings and select OK:
Configuring an aggregation server
An aggregation server is a FortiAnalyzer unit that receives the logs sent from an
aggregation client. FortiAnalyzer-800/800B models and higher can be configured
as aggregation servers.
To configure the aggregation server
1
Go to
System
>
Config
>
Log Aggregation
.
2
Select Enable log aggregation TO this FortiAnalyzer.
3
Set the following settings and select OK:
Configuring log forwarding
Log forwarding sends duplicates of log messages received by the FortiAnalyzer
unit to a separate Syslog server. This can be useful for additional log storage or
processing.
The log forwarding destination (Remote device IP) may receive either a full
duplicate or a subset of those log messages that are received by the FortiAnalyzer
unit. Log messages are forwarded only if they meet or exceed the Minimum
Severity threshold.
Log forwarding is similar to log uploading or log aggregation, but log forwards are
sent as individual Syslog messages, not whole log files over FTP, SFTP, or SCP,
and not as batches of log files.
To forward log events
1
Go to
System
>
Config
>
Log Forwarding
.
2
Select Enable log forwarding to remote log server.
Remote FortiAnalyzer IP
Enter the IP address of the FortiAnalyzer unit acting as the
aggregation server.
Password
Enter the password for the aggregation server.
Confirm Password
Enter the password again for the aggregation server.
Aggregation daily at
Select the time of the day when the aggregation client uploads
the logs to the aggregation server.
Aggregate Now
Select to send the logs to the aggregation server immediately.
Use this when you want to create a report on the server with the
most current log data.
Password
Enter the password for the aggregation server.
Confirm Password
Enter the password again for the aggregation server.
Содержание FortiAnalyzer 3.0 MR7
Страница 1: ...www fortinet com FortiAnalyzer Version 3 0 MR7 A D M I N I S T R A T I O N G U I D E...
Страница 74: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 74 05 30007 0082 20080908 Maintenance System...
Страница 108: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 108 05 30007 0082 20080908 Rolling and uploading logs Log...
Страница 138: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 134 05 30007 0082 20080908 Browsing reports Reports...
Страница 150: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 142 05 30007 0082 20080908 Output Alert...
Страница 180: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 170 05 30007 0082 20080908 File Explorer Tools...
Страница 232: ...FortiAnalyzer Version 3 0 MR7 Administration Guide 220 05 30007 0082 20080908 Index...
Страница 233: ...www fortinet com...
Страница 234: ...www fortinet com...