Wazuh decoder for FortiGate Version 7


Shenal Perera

Jul 27, 2023, 2:50:17 AM
to Wazuh mailing list
Hi All,

I have a requirement to forward logs from a Fortinet v7.4 firewall. Are the Wazuh decoders supported with this version?

Furthermore, let me know the supported FortiGate versions as well.

The decoder shows it only supports the below versions. Is there any new update which can support version 7?

001.JPG

Thank you

Rolly Davany Mougoue Kakanou

Jul 27, 2023, 3:44:27 AM
to Wazuh mailing list
Hello Shenal and thanks for using Wazuh.

In the latest version of Wazuh (v4.4.5), FortiOS 7 is unfortunately not listed as part of the supported FortiGate versions. Nevertheless, depending on the structure of the logs, you could copy and edit the existing decoders and rules for v6.0 to make them match your firewall.

I'll be sending a memo to the core team requesting to include decoders and rules for FortiOS 7.0 in the next release.

Regards,

Shenal Perera

Jul 27, 2023, 3:58:14 AM
to Wazuh mailing list
Hi Rolly,

Thank you very much for the prompt response.

Will it be possible for your team to develop a decoder if I share some raw logs with you?

Thank you

Rolly Davany Mougoue Kakanou

Jul 27, 2023, 5:30:30 AM
to Wazuh mailing list
Hi Shenal and sorry for the delay.

Yes, that works too. Feel free to share a sample of your logs here and I'll revert to you with a custom decoder and rule.

Regards,
Rolly

Shenal Perera

Jul 27, 2023, 5:34:01 AM
to Wazuh mailing list
Hi Rolly,

Thanks for the response. Please allow me some time to grab sample logs for you.

Thank you
