Parsing fortigate logs with filebeat modules

I have never used filebeat for parsing the fortigate logs. I have consulted several pages on the internet about this.
I concluded that the best approach is to install Filebeat at the logstash server, after activating the fortigate filebeat module and listening on a port (For example 9001). We shall configure fortigate to send logs to the logstash server address via the configured port.
My question :
Are the steps I mentioned correct?


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.