Skip to content

Fortinet FortiNAC

Before You Begin

  • Ensure you have an active FortiNAC account with administrator privileges.
  • FortiNAC login credentials.
  • Familiarity with REST API and token-based authentication.

Steps to Send FortiNAC Logs to Cribl for Monitoring

Log in to FortiNAC Console

  1. Access the FortiNAC Administration Console:
  2. Log in to the FortiNAC web interface using an administrator account.

Generate API Token

  1. Navigate to API Management:
  2. Follow the FortiNAC documentation to generate an API token for accessing the REST API.

Configure API Access

  1. API User and Permissions:
  2. Ensure the API user has appropriate permissions to access the required log data.

After completing the initial steps to set up API access in FortiNAC, please provide the following information to our support team to configure Cribl for receiving and processing FortiNAC logs:

API Access Details

API Token: The API token generated for accessing the FortiNAC REST API. This token is required for authentication when fetching logs.

FortiNAC Server Information

FortiNAC Server URL: The base URL of your FortiNAC server (e.g., https://fortinac.example.com).

Log Data Information

Log Types: Specify the types of logs being sent (e.g., network access logs, security events, system logs).

Log Format: The format of the logs being sent (e.g., JSON).

Additional Configuration Details

Log Fetching Frequency: The desired frequency for fetching logs from FortiNAC (e.g., every 5 minutes, hourly).

Any Specific Filters or Parameters: Any specific filters or parameters to apply when fetching logs (e.g., specific time ranges, event types).

Destination Configuration in Cribl

Desired Output Destination: Specify where the processed logs should be sent (e.g., a SIEM, data lake, or other logging infrastructure).

Destination Details: Provide details for the output destination, such as the endpoint URL, authentication credentials, and any specific configuration settings.

Please send the above details to our support team via an "Onboard Log source request in your SecurIST platform

Getting Help

If you encounter any issues or need assistance during this process, our support team is here to help. You can reach out to us through:

Support Portal: Submit a ticket via our support portal for detailed assistance. Documentation: Refer to our extensive documentation library for troubleshooting and additional guides.

By providing these details, we will be able to configure SecurIST to accept and process Bitdefender logs for your SIEM service.