All NAS Series Use SSH to log in to the NAS as an administrator. Open the apache-default-modules.conf file: /etc/config/apache/apache.conf Add any additional modules.

Home

1. Apache is a popular open-source, cross-platform web server that is, by the numbers, the most popular web server in existence. It’s actively maintained by the Apache Software Foundation.
2. Go into your nas Control Panel, and then into Web Services. Then check the box Enable Web Station.
3. Complete Apache HTTP Web Server with PHP 7.4.x branch and more 20 PECL php extension embedded, Generate and update ca-certificates automatically on your NAS Composer embedded and added to NAS $PATH command line.

Apache Web Server

What is Discovered and Monitored

Home Nas Server

Event Types

In ADMIN > Device Support > Event, search for 'apache' in the Device Type and Description column to see the event types associated with this device.

Reports

InRESOURCE > Reports , search for 'apache' in the Name column to see the reports associated with this device.

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections 'Discovery Settings' and 'Setting Credentials' in the User Guide.

HTTPS

To communicate with FortiSIEM over HTTPS, you must configure the mod_status module in your Apache web server.

1. Log in to your web server as an administrator.
2. Open the configuration file /etc/Httpd.conf.
3. Modify the file as shown in these code blocks, depending on whether you are connecting over HTTP without authentication, or over HTTPS with authentication.
   Without AuthenticationWith Authentication
4. If you are using authentication, you will have to add user authentication credentials.
   1. Go to /etc/httpd, and if necessary, create an account directory.
   2. In the account directory, create two files, users and groups.
   3. In the groups file, enter admin:admin.

   4. Create a password for the admin user.

5. Reload Apache.

You can now configure FortiSIEM to communicate with your device. For more information, refer to sections 'Discovery Settings' and 'Setting Credentials' in the User Guide.

Syslog

Install and configure Epilog application to send syslog to FortiSIEM

1. Download Epilog from Epilog download site and install it on your Windows Server.
2. For Windows, launch Epilog from Start→All Programs→InterSect Alliance→Epilog for windows
   
3. For Linux, type http://<yourApacheServerIp>:6162
4. Configure Epilog application as follows
   1. Go to Log Configuration. Click Add button and add the following log files to be sent to FortiSIEM
      • /etc/httpd/logs/access_log
      • /etc/httpd/logs/ssl_access_log
   2. Go to Network Configuration
      1. Set AO System IP(all-in-1 or collector) in Destination Server address (10.1.2.20 here);
      2. Set 514 in Destination Port text area
      3. Click Change Configuration to save the configuration
   3. Apply the Latest Audit Configuration. Apache logs will now sent to FortiSIEM in real time.
      

Define the Apache Log Format

You must define the format of the logs that Apache will send to FortiSIEM.

1. Open the file /etc/httpd/conf.d/ssl.conf for editing.
2. Add this line to the file.
3. Uncomment this line in the file.
4. Add this line to the file.
5. Reload Apache.

Apache Syslog Log Format

Settings for Access Credentials

SNMP Access Credentials for All Devices

Use these Access Method Definition settings to allow FortiSIEM to communicate with your device over SNMP. Set the Name and Community String.

Settings for Apache Web Server HTTPS Access Credentials

Synology Nas Web Server

Use these Access Method Definition settings to allow FortiSIEM to communicate with your Apache web server over https.

Nas Vs File Server

Nas File Server

Copyright © 2020 Fortinet, Inc. All Rights Reserved. | Terms of Service | Privacy Policy