To set up Fortinet FortiGate Firewall Collector, do the following procedures, below:
Enable Fortinet FortiGate Firewall Collector
Install the XDR Collector
Configure the firewall
Open the port on the XDR Collector Host
Enable Fortinet FortiGate Firewall Collector
In Barracuda XDR Dashboard, navigate to Administration > Integrations.
On the Fortinet FortiGate Firewall Collector card, click Setup.
Select the Enable check box.
Click Save.
Install the XDR Collector
If you haven't already set up the XDR Collector, do one of the following:
Configuring the Firewall
Log into the FortiGate command line and run the command below, where
<X.X.X.X>
is the IP address of the Collector:config log syslogd setting
set status enable
set server <X.X.X.X>
set mode udp
set port 9202
set facility local7
end
Open the Port on the XDR Collector Host
Ensure incoming traffic is allowed on UDP port 9202.
Linux
sudo ufw allow 9202/udp
Windows
netsh advfirewall firewall add rule name="Fortinet FortiGate Firewall Events" dir=in action=allow protocol=UDP localport=9202