FortiWeb

To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.

Labels

Axoflow automatically adds the following labels to data collected from this source:

label    value
vendor   fortinet
product  fortiweb
product  kv

Sending data to Splunk

When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:

sourcetype   index
fwb_log      netops
fwb_attack   netids
fwb_event    netops
fwb_traffic  netfw

Tested with: Fortinet FortiWeb Add-On for Splunk technical add-on