{ "name": "fortinet_fortiproxy", "title": "Fortinet FortiProxy", "version": "1.4.1", "release": "ga", "description": "Collect logs from Fortinet FortiProxy with Elastic Agent.", "type": "integration", "download": "/epr/fortinet_fortiproxy/fortinet_fortiproxy-1.4.1.zip", "path": "/package/fortinet_fortiproxy/1.4.1", "icons": [ { "src": "/img/fortinet-logo.svg", "path": "/package/fortinet_fortiproxy/1.4.1/img/fortinet-logo.svg", "title": "Fortinet", "size": "216x216", "type": "image/svg+xml" } ], "conditions": { "kibana": { "version": "^8.12.2 || ^9.0.0" }, "elastic": { "subscription": "basic" } }, "owner": { "type": "elastic", "github": "elastic/integration-experience" }, "categories": [ "network", "observability", "proxy_security", "security", "web" ], "signature_path": "/epr/fortinet_fortiproxy/fortinet_fortiproxy-1.4.1.zip.sig", "format_version": "3.1.3", "readme": "/package/fortinet_fortiproxy/1.4.1/docs/README.md", "license": "basic", "screenshots": [ { "src": "/img/dashboard.png", "path": "/package/fortinet_fortiproxy/1.4.1/img/dashboard.png", "title": "Dashboard", "size": "1680x1950", "type": "image/png" } ], "assets": [ "/package/fortinet_fortiproxy/1.4.1/LICENSE.txt", "/package/fortinet_fortiproxy/1.4.1/changelog.yml", "/package/fortinet_fortiproxy/1.4.1/manifest.yml", "/package/fortinet_fortiproxy/1.4.1/validation.yml", "/package/fortinet_fortiproxy/1.4.1/docs/README.md", "/package/fortinet_fortiproxy/1.4.1/img/dashboard.png", "/package/fortinet_fortiproxy/1.4.1/img/fortinet-logo.svg", "/package/fortinet_fortiproxy/1.4.1/kibana/tags.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/manifest.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/sample_event.json", "/package/fortinet_fortiproxy/1.4.1/docs/knowledge_base/service_info.md", "/package/fortinet_fortiproxy/1.4.1/kibana/dashboard/fortinet_fortiproxy-16343146-928c-4ed6-b6da-69035363fb73.json", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/fields/agent.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/fields/base-fields.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/fields/ecs.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/fields/fields.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/agent/stream/filestream.yml.hbs", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/agent/stream/tcp.yml.hbs", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/agent/stream/udp.yml.hbs", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/elasticsearch/ingest_pipeline/default.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/elasticsearch/ingest_pipeline/event.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/elasticsearch/ingest_pipeline/traffic.yml", "/package/fortinet_fortiproxy/1.4.1/data_stream/log/elasticsearch/ingest_pipeline/utm.yml" ], "policy_templates": [ { "name": "fortinet_fortiproxy", "title": "Fortinet FortiProxy logs", "description": "Collect logs from Fortinet FortiProxy instances.", "inputs": [ { "type": "tcp", "title": "Collect Fortinet FortiProxy logs via TCP input", "description": "Collecting logs from Fortinet FortiProxy instances via tcp input." }, { "type": "udp", "title": "Collect Fortinet FortiProxy logs via UDP input", "description": "Collecting logs from Fortinet FortiProxy instances via udp input." }, { "type": "filestream", "title": "Collect Fortinet FortiProxy logs via Filestream input", "description": "Collecting logs from Fortinet FortiProxy instances via filestream input." } ], "multiple": true } ], "data_streams": [ { "type": "logs", "dataset": "fortinet_fortiproxy.log", "title": "Collect logs from Fortinet FortiProxy", "release": "ga", "ingest_pipeline": "default", "streams": [ { "input": "tcp", "vars": [ { "name": "syslog_host", "type": "text", "title": "Listen Address", "description": "The bind address to listen for TCP connections. Set to `0.0.0.0` to bind to all available interfaces.", "multi": false, "required": true, "show_user": true, "default": "localhost" }, { "name": "syslog_port", "type": "integer", "title": "Listen Port", "description": "The TCP port number to listen on.", "multi": false, "required": true, "show_user": true, "default": 514 }, { "name": "tags", "type": "text", "title": "Tags", "multi": true, "required": true, "show_user": false, "default": [ "fortinet-fortiproxy", "forwarded" ] }, { "name": "preserve_original_event", "type": "bool", "title": "Preserve original event", "description": "Preserves a raw copy of the original event, added to the field `event.original`", "multi": false, "required": true, "show_user": true, "default": false }, { "name": "processors", "type": "yaml", "title": "Processors", "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.", "multi": false, "required": false, "show_user": false }, { "name": "ssl", "type": "yaml", "title": "SSL Configuration", "description": "SSL configuration options. See [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/configuration-ssl.html#ssl-common-config) for details.", "multi": false, "required": false, "show_user": false, "default": "#certificate: \"/etc/server/cert.pem\"\n#key: \"/etc/server/key.pem\"" }, { "name": "tcp_options", "type": "yaml", "title": "Custom TCP Options", "description": "Specify custom configuration options for the TCP input.", "multi": false, "required": false, "show_user": false, "default": "framing: rfc6587\n# max_message_size: 50KiB\n# max_connections: 1" } ], "template_path": "tcp.yml.hbs", "title": "Fortinet FortiProxy logs (tcp)", "description": "Collect Fortinet FortiProxy logs using the tcp input", "enabled": true, "ingestion_method": "Network Protocol" }, { "input": "udp", "vars": [ { "name": "syslog_host", "type": "text", "title": "Listen Address", "description": "The bind address to listen for UDP connections. Set to `0.0.0.0` to bind to all available interfaces.", "multi": false, "required": true, "show_user": true, "default": "localhost" }, { "name": "syslog_port", "type": "integer", "title": "Listen Port", "description": "The UDP port number to listen on.", "multi": false, "required": true, "show_user": true, "default": 514 }, { "name": "tags", "type": "text", "title": "Tags", "multi": true, "required": true, "show_user": false, "default": [ "fortinet-fortiproxy", "forwarded" ] }, { "name": "preserve_original_event", "type": "bool", "title": "Preserve original event", "description": "Preserves a raw copy of the original event, added to the field `event.original`", "multi": false, "required": true, "show_user": true, "default": false }, { "name": "udp_options", "type": "yaml", "title": "Custom UDP Options", "description": "Specify custom configuration options for the UDP input.", "multi": false, "required": false, "show_user": false, "default": "#read_buffer: 100MiB\n#max_message_size: 50KiB\n#timeout: 300s\n" }, { "name": "processors", "type": "yaml", "title": "Processors", "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.\n", "multi": false, "required": false, "show_user": false } ], "template_path": "udp.yml.hbs", "title": "Fortinet FortiProxy logs (udp)", "description": "Collect Fortinet FortiProxy logs using the udp input", "enabled": true, "ingestion_method": "Network Protocol" }, { "input": "filestream", "vars": [ { "name": "paths", "type": "text", "title": "Paths", "multi": true, "required": false, "show_user": true, "default": [ "/var/log/fortinet-fortiproxy.log" ] }, { "name": "tags", "type": "text", "title": "Tags", "multi": true, "required": true, "show_user": false, "default": [ "fortinet-fortiproxy", "forwarded" ] }, { "name": "preserve_original_event", "type": "bool", "title": "Preserve original event", "description": "Preserves a raw copy of the original event, added to the field `event.original`", "multi": false, "required": true, "show_user": true, "default": false }, { "name": "processors", "type": "yaml", "title": "Processors", "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.\n", "multi": false, "required": false, "show_user": false } ], "template_path": "filestream.yml.hbs", "title": "Fortinet FortiProxy logs (filestream)", "description": "Collect Fortinet FortiProxy logs using filestream input", "enabled": false, "ingestion_method": "File" } ], "package": "fortinet_fortiproxy", "path": "log" } ] }