
Kiwi syslog with Fortigate 30b - not receiving log messages

Hi, I am trying to run this simple syslog app, but I am not receiving messages from my FortiGate. I opened port 514 on Windows Firewall, set up UDP 514 listening in the Kiwi settings, and also set up sending to syslog on 514 UDP to my server.

I do not receive any messages in the Kiwi GUI or even in the log file, and there is nothing in the error log...

I tried running Wireshark, and I am listening on UDP 514 and see the messages...

Could you please help me out?

 

Thanks

2 Replies

Is there anything that could be causing contention for port 514 as a listening port on the Kiwi syslog server?

I would follow the steps in this video to try to confirm it is actually Kiwi listening on the port, if you haven't already:

https://www.kiwisyslog.com/resources/video/kiwi-syslog-server-troubleshooting-not-receiving-messages

Next would be to check that it isn't a case where a rule just isn't set up to display on the GUI where expected, or the messages are getting filtered and set to stop processing before the rule to display on a screen even occurs.

Hopefully you already have this issue resolved, but let us know if you don't and any other checks you have done so far.

Thanks,

-j_a_catlin

Loop1 Systems: SolarWinds Training and Professional Services
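
An added example, not part of the original thread or of Kiwi's own tooling: with the Kiwi service stopped, this Python script binds UDP 514 itself to separate the cases discussed above. A bind error means another process holds the port, a timeout means datagrams seen in a packet capture are not reaching the socket layer, and a parsed message means delivery works and Kiwi's rules and filters are the remaining suspects. The function names and the sample line are constructed for illustration.

```python
import errno
import socket

# Constructed FortiGate-style line, used only as a parser self-check.
SAMPLE = b"<189>date=2020-01-01 time=00:00:00 devname=FGT-LAB type=event msg=constructed"


def parse_pri(datagram):
    """Split '<PRI>msg' into (facility, severity, msg); PRI = facility*8 + severity."""
    text = datagram.decode("utf-8", errors="replace")
    if not text.startswith("<") or ">" not in text[:5]:
        return None, None, text
    pri, _, msg = text[1:].partition(">")
    if not pri.isdigit() or int(pri) > 191:
        return None, None, text
    return int(pri) >> 3, int(pri) & 7, msg


def open_listener(host="0.0.0.0", port=514):
    """Bind host:port for UDP. Returns (socket, None) or (None, reason)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sock.bind((host, port))
    except OSError as exc:
        sock.close()
        # EADDRINUSE: some other process already owns the port (contention).
        in_use = exc.errno == errno.EADDRINUSE
        return None, "in_use" if in_use else "bind_failed: %s" % exc
    return sock, None


def receive_one(sock, timeout=10.0):
    """Wait for one datagram; return (sender_ip, facility, severity, msg) or None."""
    sock.settimeout(timeout)
    try:
        data, peer = sock.recvfrom(8192)
    except socket.timeout:
        return None
    return (peer[0],) + parse_pri(data)


if __name__ == "__main__":
    print("parser self-check:", parse_pri(SAMPLE)[:2])
    listener, error = open_listener()
    if error:
        print("cannot bind UDP 514:", error)
    else:
        print(receive_one(listener, 30.0) or "no datagram reached the socket in 30 s")
        listener.close()
```

The sender address in the result is also worth comparing with the address the syslog server expects the firewall to log from.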


It's been a while since I've worked with Fortinet stuff, but I do remember that once we had to get into the text-based config to set the source interface of the messages so they could get back to whatever we were working on. At that point at least the web GUI didn't have the option anywhere to set, but if you dropped to the CLI you could... Annoying to say the least!!
