Sumo Logic + Fortigate = My Dashboard
My dashboard – I took the Cisco ASA application from Sumo Logic and converted it into a dashboard that is built from the logging of a Fortigate firewall.
An additional panel that provides a representation of IPS triggered rules.
What you gain by using Sumo Logic (simplicity, no maintenance, available everywhere) you pay for in time and complexity when you use ELK for your log management activities.
Finding usage of applications behind your Fortigate firewall can be easily done using Sumo Logic via a dashboard or scheduled search.
Sumo Logic charges for their service by the amount of data ingested into their platform. The examples in this post show you how to get a report of usage broken down by category.
Postfix + Dovecot syslog logs fed into your Sumo Logic collector.
Parse it to display dashboards of meaningful information and graphs.
Did you know that the Fortigate emits events specific to performance metrics for further analysis?
Me either. Until earlier today.
Finding usage of specific IPs behind your Fortigate firewall can be easily done using Sumo Logic and a dashboard or scheduled search result.
tl;dr: If you do not want to read the details: the 5.2.2 firmware changes the ALL service to Protocol Number 6. The solution is to navigate to Policy & Objects > Objects > Services > ALL and change Protocol Number to 0 (zero). Testing out a FortiWiFi 30D for placement at customer’s homes. Deployed our stock 5.0 configuration to the device and […]