(Optional) Forward Log
SOCaaP Sensor can forward logs of different network products to your SOCaaP portal account. You have to configure the sensor in order to do that:
- Open the sensor web interface
- Select 'Advanced Settings' > 'Log Forwarding Configuration' in
the left menu
- Config Name – Label of the log forwarding configuration
- Product Name – Select the network product from the drop-down
- Version – Select the product version number
- Filter Type – Select from the options:
- Host IP
- Keyword
- App Name
- Filtered Value – Enter the appropriate value, for example the IP
number if host IP is selected.
- Click the 'Add' button
The log forwarding configuration is shown in the table below.
- Click 'Save Changes'
You can view saved configurations in the 'Log Forwarding Configuration' and 'Overview' tabs.
- The image above shows an example for Fortigate5.0 log forwarding.