Use Cases – Fortinet

How to export your Fortinet Netflow Logs to the LucidView Data Analysis Portal

Step 1: Register on the LucidView Data Analysis Portal by clicking on the link and following the instructions.

Step 2: Get your IP Address from the LucidView Data Analysis Portal in order to export your Netflow Logs. Please ensure that the source IP address used during the registration process is correct as only data from the registered IP address will be accepted on the Lucidview Netflow collector.

  • To get your IP Address you simply need to (Ben help)

Step 3: Configure your Fortinet to export Netflow Flows to the collector assigned to your device.  For additional information on how to achieve this please see select the following link, Fortinet Netflow collector configuration.

In short from the Fortinet knowledge base site the following instructions are required.

config system netflow
set collector-ip <IP Address of the Netflow Collector>
set collector-port <Port of the Netflow Collector>
end

config system interface
edit <Interface Name>
set netflow-sampler both
end

 

Step 4:  Wait roughly thirty minutes and then check your dashboard.  You should now see it populating with data.

Step 5:  Enter your email address to receive daily reports from the LucidView Data Analysis Portal on your specific logs.