Sending FortiGate Bandwidth Stats to Elasticsearch
- Published 7 Feb 2025
- #elasticsearch #kibana #logstash #elasticsearchtutorial #fortigate #fortinet
In this tutorial, I am using a Raspberry Pi to send API GET requests to the FortiGate and grab the bandwidth stats of a specific interface. Then using Logstash, I parse the data and send it to Elasticsearch.
*NOTE*
The FortiGate needs to be running FortiOS 7.0 and above to be able to use this API.
Thank you for watching!
The script that I used:
=================
import requests
from tokens import fw_token
import json
from datetime import datetime
import socket

def get_bw():
    # Replace firewall_ip and interface_name with your own values
    url = "https://firewall_ip/api/v2/monitor/system/traffic-history/interface?interface=interface_name&time_period=hour"
    # Silence the warning that requests prints because verify=False is used below
    requests.packages.urllib3.disable_warnings()
    payload = {}
    headers = {'Authorization': f'Bearer {fw_token}'}
    # verify=False skips TLS certificate validation, so the API token is sent
    # without checking who answers; outside a lab, pass verify=<path to the CA certificate>
    response = requests.request("GET", url, headers=headers, data=payload, verify=False).json()
    return response

data = get_bw()
#print(data)
last_tx = data["results"]["last_tx"]
last_rx = data["results"]["last_rx"]
ts = datetime.timestamp(datetime.now())
current_bw = {"last_tx": last_tx, "last_rx": last_rx, "time": int(ts)}

# Convert the data to binary
data_to_send = json.dumps(current_bw).encode('utf-8')

# Create a socket object and use the sendto method to send the data
# (replace logstash_ip and udp_port with your Logstash UDP input address and port)
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.sendto(data_to_send, ('logstash_ip', udp_port))
Follow my Twitter: / ayounes9
Follow my Blog: www.thelionpin...
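A hardened variant of the collector above, as an added example that is not the video author's code: it validates the FortiGate certificate against a CA file, sets a timeout, and checks the response before anything is sent to Logstash. The CA path, UDP port 5514 and all function names are assumptions, and it assumes last_tx and last_rx are numeric.

```python
import json
import socket
import time

# Placeholders (assumptions): replace with your own values.
FW_URL = "https://firewall_ip/api/v2/monitor/system/traffic-history/interface"
CA_BUNDLE = "/etc/ssl/certs/fortigate-ca.pem"   # hypothetical path to the CA cert
LOGSTASH = ("logstash_ip", 5514)                # hypothetical UDP input port


def fetch_history(token, interface):
    """GET the traffic history with certificate validation and a timeout."""
    import requests  # imported here so build_datagram() works without it
    resp = requests.get(
        FW_URL,
        params={"interface": interface, "time_period": "hour"},
        headers={"Authorization": f"Bearer {token}"},
        verify=CA_BUNDLE,   # validate the certificate instead of verify=False
        timeout=10,         # do not hang a cron job on an unreachable firewall
    )
    resp.raise_for_status()  # a 401/403 must not be parsed as bandwidth data
    return resp.json()


def build_datagram(response, now=None):
    """Check the two fields the original script reads; return UDP payload bytes."""
    results = response.get("results") if isinstance(response, dict) else None
    if not isinstance(results, dict):
        raise ValueError("response has no 'results' object")
    event = {}
    for key in ("last_tx", "last_rx"):
        value = results.get(key)
        # bool is a subclass of int, so reject it explicitly
        if isinstance(value, bool) or not isinstance(value, (int, float)) or value < 0:
            raise ValueError(f"{key} is missing or not a non-negative number")
        event[key] = value
    event["time"] = int(time.time() if now is None else now)
    return json.dumps(event).encode("utf-8")


def send(payload):
    """Send one datagram to the Logstash UDP input."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(payload, LOGSTASH)


if __name__ == "__main__":
    from tokens import fw_token  # same token module the original script imports
    send(build_datagram(fetch_history(fw_token, "interface_name")))
```

The UDP hop to Logstash is still unauthenticated and unencrypted, so keep it on a trusted network segment or restrict the input port to the collector's address.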
Nice! thanks for sharing
Nice! Can you post the script to be able to replicate this much easier?
Thank you
I posted the script in the description box. You will need to replace the firewall IP, the interface name, the logstash IP and port.
Any news on the video for secure beat to logstash setup?
Any feedback?
I have a list of videos I am working on, I will get to this one hopefully soon!
Are you looking to secure Filebeat output to Logstash for example?