Back to listing

Fortinet FortiGate

Content Pack

Initial Revision



23 Jan 11:13

Last Push

11 Jun 14:02

Marketplace Rating



Your Rating

Please sign in to rate this add-on.


ahiyaz about 2 years ago

did someone try this with graylog 3.xx?

dobier over 3 years ago

Did they take down the fortinet content pack?

tkemp93551 almost 4 years ago

I can't seem to get the cpu, avg bytes, etc utilization graphs to populate. Changed the source per my comment below to my FW. Not sure if my FortiGate supports this. Running 5.4.4 firmware..Anyone get the system activity graphs working?

tkemp93551 almost 4 years ago

I just installed this and noticed no graphs/data was populating in the dashboards. You have to edit the widgets in the dashboard. Unlock when in a dashboard, and click the pencil icon in bottom right. Change the "source:fwf92d3g14000548" to the id of your firewall. Check you stream or input and look for the name under source for your firewall and substitute it for the fwf92d3g14000548.

giangiluca about 4 years ago

Hi All i have same problem i have imported fortigate collector changed json file with name and port but i don't see populated graph, somebody can help me?

Guruleenyc over 4 years ago

So more good news. This allowed me to identify a top malicious being blocked by my Fortinet, which in turn allowed me to associate it with a suspicious AD/content on the CT Harford Courant website.

Guruleenyc over 4 years ago

I got it working! See my posts on Github. Cheers!

Guruleenyc over 4 years ago

I noticed that most Dashboard widgets search queries start with: source:fwf92d3g14000548. Where is this value declared? My Input is placing a different value using the Fortigate server hostname. Is this what is breaking the reports?

Guruleenyc over 4 years ago

Still no data on any of the dashboards. Can anyone shed light on this, or have gotten it working?

Guruleenyc over 4 years ago

Okay, the Extractors get imported into Graylog / System / Imputs / Manage Extractors / Import

Guruleenyc over 4 years ago

Where do we import the Extractors? I tried under Graylog / System / Grok Patterns / but after its successfully accepted file, extractors do not show in list.

Guruleenyc over 4 years ago

I am testing this too! Just installed it on my Graylog 2.2.3 on Ubuntu 16. I also do not see a pre-defined Stream. How does the Dashboards get populated with traffic going to Input UDP/3000?

mikesolverud over 4 years ago

I have the messages coming into the Graylog server, however none of the dashboards are showing information.
The extractors are there, but there is no Stream for this content pack. Is this correct?

Please sign in to comment.

Back to listing