FortiManager

Once FortiManager is configured to deliver events to EventTracker Manager; alerts, dashboards, and reports can be configured into EventTracker.

Reports

FortiManager - FGFM protocol operations – This report includes events related to FortiGate-FortiManager protocol operations.
FortiManager – Device configuration changes – Device configuration operation includes events where the new configuration is added or updated on the existing objects.

Alerts

FortiManager - Log daemon fluctuation detected – This alert is triggered when the FortiManager log daemon frequently fluctuates. i.e. series of log daemon up/down events.

Reports

FortiManager - High availability events - High availability events are the events considered for a peer/ backup device for the primary FortiManager appliance. This report will display the peer devices up/ down status (if any).
FortiManager - System manager events - System management includes events associated with the devices/ system present in the network or associated with FortiManager.
FortiManager - Managed device operations - Managed device operations include events such as unexpected/ unplanned reboot and shut down by Forti devices.
FortiManager - Deployment manager operations- This report provides information about the process of deployment. It shows information about the failure or success status of the deployment.
FortiManager - Device Manager operations - This report includes events related to FortiManager device activities.
FortiManager - Log daemon UP/ Down events – This report includes a summary of logging daemon status up/down and reason.

Alerts

FortiManager - unexpected system rebooted triggered - This alert is triggered when there is an unexpected/ unplanned system reboot occurs in FortiManager.
FortiManager - unexpected device rebooted triggered - This alert is triggered when there is an unexpected/ unplanned system reboot occurs in any Forti device.
FortiManager - unexpected device shutdown triggered - This alert is triggered when there is an unexpected/ unplanned system shutdown occurs in any Forti device.
FortiManager - unexpected system shutdown triggered - This alert is triggered when there is an unexpected/ unplanned system shutdown that occurs in FortiManager.
FortiManager - User login fail (SSH auth) detected – This alert is triggered when an SSH authentication failure is detected by FortiManager
FortiManager - User login fail (Web service) detected – This alert is triggered when a user fails to provide valid authorization via the web-based user interface.

Reports

FortiManager - web service (Login Error) – This report includes a summary of the failed login of a user via the web-based user interface.

The configuration details are consistent with EventTracker version 9.x and later, and FortiManager v6.2.0 and later.

To configure FortiManager to send logs to EventTracker, refer to the How-to Guide.

For more information, please refer to the FortiManager Integration Guide.