Which statement is correct?

An administrator is configuring FortiSIEM to discover network devices and receive syslog from network devices.

Which statement is correct?
A . FortiSIEM uses privileged credentials to tog in to devices and make network configuration changes.
B . FortiSIEM automatically configures network devices to send syslog using the auto log discovery process.
C . FortiSIEM automatically configures network devices to send syslog using the GUI discovery process
D . Syslog configuration must be done manually on devices by the network administrator.

View Answer

Answer: D

Explanation:

Syslog Configuration in FortiSIEM: For FortiSIEM to receive syslog messages from network devices, those devices need to be properly configured to send syslog data to FortiSIEM.

Manual Configuration Requirement: FortiSIEM does not automatically configure network devices to send syslog messages. Instead, this configuration must be performed manually by the network administrator.

Process Overview: The network administrator must access each device and set up the syslog parameters to direct log data to the FortiSIEM collector’s IP address.

Discovery Process: While FortiSIEM can discover network devices using SNMP, WMI, and other protocols, the configuration of syslog on these devices is beyond its scope and requires manual intervention.

Reference: FortiSIEM 6.3 User Guide, Device Configuration and Syslog Integration sections, which explain the requirements and steps for setting up syslog forwarding on network devices.