The JSA for Fortinet collects events from Fortinet FortiGate and FortiAnalyzer products.
The following table identifies the specifications for the Fortinet FortiGate DSM:
Table 1: Fortinet FortiGate DSM Specifications
RPM file name
Recorded event types
Includes custom properties?
Fortinet website (http://www.fortinet.com)
To integrate Fortinet FortiGate DSM with JSA, complete the following steps:
If automatic updates are not enabled, download the most recent version of the Fortinet FortiGate RPM on your JSA console:
Download and install the Syslog Redirect protocol RPM to collect events through Fortigate FortiAnalyzer. When you use the Syslog Redirect protocol, JSA can identify the specific Fortigate firewall that sent the event.
For each instance of Fortinet FortiGate, configure your Fortinet FortiGate system to send syslog events to JSA.
If JSA does not automatically detect the log source for Fortinet FortiGate, you can manually add the log source. For the protocol configuration type, select Syslog, and then configure the parameters.
If you want JSA to receive events from Fortinet FortiAnalyzer, manually add the log source. For the protocol configuration type, select Syslog Redirect, and then configure the parameters.
The following table lists the specific parameter values that are required for Fortinet FortiAnalyzer event collection:
Log Source Identifier RexEx