Chapter 10 Install and System Administration for FortiOS 5.0 : Monitoring : Logging : Sending logs using a secure connection
  
Sending logs using a secure connection
From the FortiGate unit, you can configure the connection and sending of log messages over an SSL tunnel to ensure log messages are sent securely. To do this, use the CLI commands below to enable the encrypted connection and define the level of encryption.
 
You must configure the secure tunnel on both ends of the tunnel, the FortiGate unit and the FortiAnalyzer unit.
This configuration is for FortiAnalyzer OS version 4.0 MR2 or lower. For version 40 MR3, see “Configuring an SSL connection”.
To configure a secure connection to the FortiAnalyzer unit
On the FortiAnalyzer unit, enter the commands:
config log device
edit <device_name>
set secure psk
set psk <name_of_IPSec_tunnel>
set id <fortigate_device_name_on_the_fortianalyzer>
end
To configure a secure connection on the FortiGate unit
On the FortiGate CLI, enter the commands:
config log fortianalyzer setting
set status enable
set server <ip_address>
set local
set localid <name_of_IPSec_tunnel>
end
See Also
Configuring an SSL connection
Logging
FortiGate memory
FortiGate hard disk
Syslog server
See Also
FortiAnalyzer