
jczinger/Fortigate_Content_Pack


FortiGate Firewall Content Pack

Tested with FortiOS 5.4.0/Graylog 1.3

This content pack provides the following dashboards:

  - FortiGate Network Activity - Last 24 Hours
  - FortiGate System Activity - Last 24 Hours
  - FortiGate Threat Summary - Last 24 Hours
  - FortiGate Web Activity - Last 24 Hours

Also Includes:

  - FortiGate Syslog UDP (Syslog tcp 30000)
  - Extractors (Regular Expressions)
  - Dashboards

Requirements

FortiGate Firewall (or FortiAnalyzer) with SYSLOG configured for tcp 30000.

  1. Import the Content Pack
  2. Import the extractors
  3. Point FortiGate syslog to Graylog

Note: As time permits, I hope to create GROK patterns; however, feel free to contribute and improve upon this submission.
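To show what regular-expression extractors have to pull out of a FortiGate syslog line, here is an added example (not part of this content pack, and not its extractor definitions) that parses the key=value format in Python. The sample line is constructed, and the field names are assumed to follow the usual FortiOS traffic-log keys; the quoted `app` value checks that text inside quotes cannot inject a second `action` field.

```python
import ipaddress
import re

# Constructed sample in FortiOS key=value syslog style; not captured from a device.
SAMPLE = (
    '<189>date=2016-03-01 time=10:15:42 devname=FGT-LAB logid=0000000013 '
    'type=traffic subtype=forward level=notice vd=root srcip=10.0.0.5 '
    'srcport=51234 srcintf="internal" dstip=192.0.2.80 dstport=443 '
    'dstintf="wan1" dstcountry="United States" action=accept '
    'service="HTTPS" app="demo action=deny" sentbyte=1234 rcvdbyte=5678'
)

PRI = re.compile(r'^<(\d{1,3})>')
# key=value where the value is a double-quoted string or a bare token.
# Matching quoted values whole keeps embedded "key=value" text out of the field set.
PAIR = re.compile(r'(?<![\w-])([A-Za-z_]\w*)=(?:"([^"]*)"|(\S*))')
INT_FIELDS = {"srcport", "dstport", "sentbyte", "rcvdbyte"}
IP_FIELDS = {"srcip", "dstip"}


def parse_fortigate(line):
    """Return a dict of typed fields from one FortiGate key=value syslog line."""
    fields = {"_invalid": []}
    m = PRI.match(line)
    if m:
        # Syslog PRI = facility * 8 + severity.
        pri = int(m.group(1))
        fields["facility"], fields["severity"] = pri >> 3, pri & 7
        line = line[m.end():]
    for m in PAIR.finditer(line):
        key = m.group(1)
        value = m.group(2) if m.group(2) is not None else m.group(3)
        if key in fields:
            continue  # first occurrence wins; later duplicates are ignored
        try:
            if key in INT_FIELDS:
                value = int(value)
            elif key in IP_FIELDS:
                value = str(ipaddress.ip_address(value))
        except ValueError:
            # Keep the raw string but flag it so a dashboard does not trust it.
            fields["_invalid"].append(key)
        fields[key] = value
    return fields


if __name__ == "__main__":
    for name, value in parse_fortigate(SAMPLE).items():
        print(f"{name}: {value!r}")
```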
