https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191527#M19635 <P>Hello, </P> <P>Can somebody please help explain the difference between the Splunk for Fortinet FortiOS 5 and Splunk for Fortigate apps?</P> <P>I have a fortinet v.5.0 ...enabled log forwarding to the Splunk server. Logs are displaying in the Search &amp; Reporting app correctly ...but how can I connect FortiOS 5 app with my fortigate? I am totally new to Splunk and maybe it's not clear what I'm searching, but is it possible to directly connect via the FortiOS 5 or Fortigate app to my the Fortigate Machine??? </P> <P>Thank you very much in advance</P> Sun, 22 Mar 2015 16:09:35 GMT gerisplunk 2015-03-22T16:09:35Z https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191527#M19635 <P>Hello, </P> <P>Can somebody please help explain the difference between the Splunk for Fortinet FortiOS 5 and Splunk for Fortigate apps?</P> <P>I have a fortinet v.5.0 ...enabled log forwarding to the Splunk server. Logs are displaying in the Search &amp; Reporting app correctly ...but how can I connect FortiOS 5 app with my fortigate? I am totally new to Splunk and maybe it's not clear what I'm searching, but is it possible to directly connect via the FortiOS 5 or Fortigate app to my the Fortigate Machine??? </P> <P>Thank you very much in advance</P> Sun, 22 Mar 2015 16:09:35 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191527#M19635 gerisplunk 2015-03-22T16:09:35Z https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191528#M19636 <P>Hi gerisplunk, </P> <P>Splunk for fortinet just support fortios version 4 and this app is incompatible with fortios 5.<BR /> In "Splunk for Fortinet FortiOS 5", you have a new extractions based on the FortiOS 5 new log format.</P> <P>Installation Instructions:</P> <P>The Splunk for FortiOS 5 can be installed by either the Splunk app setup screen, or by manually installing and configuring the app.<BR /> Once the app is installed, you need to configure the FortiGate firewall to send the logs to Splunk (udp/513 port). Below is shown the required commands to configure the firewall to send the logs (at date, FortiOS 5 do not support syslog configuration in the Web UI):</P> <BLOCKQUOTE> <P>config log syslogd setting</P> <P>set status enable</P> <P>set server splunk_ip</P> <P>set port 513</P> <P>end</P> </BLOCKQUOTE> <P>I love create my own dashboards and then I create my apps, because splunk is esay. Enjoy it. </P> <P>Just check this ebook:<BR /> <A href="http://www.splunk.com/goto/book">http://www.splunk.com/goto/book</A> </P> <P>Cheers!</P> Thu, 11 Jun 2015 20:47:53 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191528#M19636 dfigurello 2015-06-11T20:47:53Z https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191529#M19637 <P>How do I turn off logging from the fortigate if I decide to stop using splunk? </P> Tue, 07 Jul 2015 18:01:02 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/What-is-the-difference-between-the-Splunk-for-Fortinet-FortiOS-5/m-p/191529#M19637 jsconner 2015-07-07T18:01:02Z