Fortigate

1. aws https://www.fortinet.com/content/dam/fortinet/assets/solutions/aws/FortiGate-AWS-Engineering-Reference-Document-Q4-2015.pdf 2. https://geekdudes.wordpress.com/2018/07/18/install-fortigate-amazon-ec2-instance/ 3. https://geekdudes.wordpress.com/2018/08/19/creating-static-route-in-aws-ec2-fortigate-instance/ Many documents forget SG(security group) 1. FortiGate VM SG need Inbound rules: All traffic All All 10.0.0.0/16 2. Private VM SG need Inbound rules: All traffic All All 10.0.0.0/16 Setting finish. First fortigate cmd: execute ping Private VM private ip. Need success. Second in private vm cmd: ping FortiGate Lan ip. Need success. Don’t forgate Check “Ping” option. ping 10.0.1.1. Need success. Now ping 8.8.8.8 Must success. ...

Install two part: OpenFortiGUI OpenFortiGUI-runner Port set maybe: 443 8443 10443

https://hadler.me/linux/openfortigui/

https://www.rosehosting.com/blog/install-and-configure-the-elk-stack-on-ubuntu-16-04/ https://www.elastic.co/guide/en/logstash/current/configuration.html https://dotblogs.com.tw/supershowwei/2016/05/25/185741 install finish 1、/etc/logstash/conf.d/ put some logstash conf 2、ubuntu have logstash listen error, so nano /etc/logstash/startup.options LS_USER = root 3、/usr/share/logstash/bin# ./system-install reuse LS_USER for config 注意： mutate { add_field => { “logTime” => “%{+YYYY-MM-dd} %{time}” }