Fortiweb Cloud custom integration

Cristina_Marletta_Li · February 6, 2025, 2:58pm

Hi all,
I would like to know if there is a possibility and it is documented to make a custom integration where it is not available. In particular, I need to integrate FortiWeb Cloud events that make them available via API.

Thanks!

Cristina

stephenb · February 6, 2025, 3:33pm

Hi @Cristina_Marletta_Li

Yes there is an integration developers guide...

I suspect that it would end up Under the Fortinet integration...

You could do that, or perhaps you could also start by using the correct input type, such as HTTP Input, Syslog, Custom Log, etc., and then build a custom ingest pipeline to do the parsing. You could do that without building a whole integration

Of course, if you want to build an integration please do ... perhaps you could donate it...

Cristina_Marletta_Li · February 6, 2025, 4:07pm

Hi stephenb,
That's very interesting what you say. Is there an integration template that receives events via syslog?

stephenb · February 6, 2025, 4:31pm

Yes there is Custom TCP Logs integration that even does some syslog parsing

You can set the Host / Port / Ingest Pipeline etc...

Topic		Replies	Views
Cannot Integrate FortiEDR Logs in Elastic SIEM Elastic Security	6	230	October 31, 2024
Fortinet logs not showing Elasticsearch	3	420	October 19, 2024
Filter for parsing Forticlient, Fortiweb, Fortisandbox, Fortimail Logstash	1	306	August 10, 2021
Fortigate Integrations SIEM	9	1116	October 10, 2024
Elastic Security Integeration with Huawei firewall SIEM	8	1331	February 11, 2022

Fortiweb Cloud custom integration

Related topics