FortiAuthenticator enhances security by centralizing storage of user identity information and offering various user authentication methods.

Device Details

Vendor

Fortinet FortiAuthenticator

Device Type

Protected Network

Supported Model Name/Number

Fortinet Enterprise

Supported Software Version(s)

N/A

Collection Method

Syslog

Configurable Log Output?

N/A

Log Source Type

Syslog - Fortinet FortiAuthenticator

Log Processing Policy

LogRhythm Default

Exceptions

N/A

Additional Information

FortiAuthenticator 6.1.1 Administration Guide

FortiAuthenticator 6.0.0 Administration Guide

Prerequisites

To access the Fortinet FortiAuthenticator Syslog, you will need one of the following web browsers:

  • Microsoft Internet Explorer 11 or higher
  • Mozilla Firefox
  • Apple Safari
  • Google Chrome

Device Configuration Checklist

For more detailed information on your FortiAuthenticator device, see the following resources:

Currently Supported Log Types

Type

Product Version

Supported Schema Fields

Admin Configuration Messages

All

<vmid>, <severity>, <login>, <sip>, <action>, <status>, <tag1>, <subject>, <reason>, <tag2>

Authentication MessagesAll

<vmid>, <severity>, <login>, <sip>, <action>, <tag1>, <status>, <tag2>, <subject>, <reason>

System MessagesAll<vmid>, <severity>, <tag1>, <login>, <sip>, <action>, <tag2>, <status>, <subject>, <tag3>, <policy>
High Availability MessagesAll

<vmid>, <severity>, <sip>, <action>, <status>, <subject>

User Portal MessagesAll

<vmid>, <severity>, <sip>, <action>, <status>, <subject>

Web Service MessagesAll<vmid>, <severity>, <sip>, <action>, <status>, <tag1>, <subject>
Catch AllAll<severity>

Parsed Metadata Fields

Device Field Name

LogRhythm Metadata Field

Value/Data Type
Action<action>Text/String
Level<severity>Text/String
NAS / IP<sip>

IP Address

N/A<policy>Text/String
N/A<reason>Text/String
N/A

<subject>

Text/String
Status<status>Text/String
Typeid<vmid>Numeric
User<login>Text/String