Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config log fast_report

Use this command to configure fast reports.

Before you begin:

  • You must have read-write permission for log settings.

Syntax

config log fast_report

edit <Name>

set module {slb|attack}

set history_runchart {enable|disable}

set range {1DAY | 1HOUR | 1MONTH| 1WEEK | 10MINS}

set traffic_data_type {bytes|sessions}

set slb_subtype {top_browser | top_dest | top_dev | top_domain | top_os | top_referrer | top_session | top_source_country | top_src | top_url }

set filter_object {srccountry|dstcountry}

set filter_value <string>

set topx <integer>

set topy <integer>

next

end

module

Either of the following modules:

  • slb
  • attack

history_runchart

Enable/disable the history runchart.

range

Past day, hour, month, week, or 10 minutes.

traffic_data_type

Query by session count or bytes.

slb_subtype

Query subtype.

filter_object

Filter by source country or destination country. Optional.

filter_value

The country to be filtered.

topx

The number of the top x results.

topy

The number of the top y results.

Example

FortiADC-VM # config log fast_report

FortiADC-VM (fast_report) # edit fast-report

Add new entry 'fast-report' for node 4590

FortiADC-VM (fast-report) # get

module : slb

history_runchart : disable

range : 10MINS

traffic_data_type : bytes

slb_subtype : top_src

filter_object :

filter_value :

FortiADC-VM (fast-report) # set filter_object srccountry

FortiADC-VM (fast-report) # set filter_value "United States"

FortiADC-VM (fast-report) # end

 

Example

FortiADC-VM # config log fast_report

FortiADC-VM (fast_report) # edit "all_attack"

Add new entry 'all_attack' for node 4590

FortiADC-VM (all_attack) # set module attack

FortiADC-VM (all_attack) # set history_runchart enable

FortiADC-VM (all_attack) # set attack_sort_type count

FortiADC-VM (all_attack) # set attack_subtype top_attack_type_for_all

FortiADC-VM (all_attack) # unset filter_object

FortiADC-VM (all_attack) # unset filter_value

FortiADC-VM (all_attack) # set topx 5

FortiADC-VM (all_attack) # set topy 5

FortiADC-VM (all_attack) # get

module : attack

history_runchart : enable

attack_sort_type : count

attack_subtype : top_attack_type_for_all

filter_object :

filter_value :

topx : 5

topy : 5

FortiADC-VM (all_attack) #set filter_object srccountry

FortiADC-VM (all_attack) # set filter_value "United States"

FortiADC-VM (all_attack) # end

config log fast_report

Use this command to configure fast reports.

Before you begin:

  • You must have read-write permission for log settings.

Syntax

config log fast_report

edit <Name>

set module {slb|attack}

set history_runchart {enable|disable}

set range {1DAY | 1HOUR | 1MONTH| 1WEEK | 10MINS}

set traffic_data_type {bytes|sessions}

set slb_subtype {top_browser | top_dest | top_dev | top_domain | top_os | top_referrer | top_session | top_source_country | top_src | top_url }

set filter_object {srccountry|dstcountry}

set filter_value <string>

set topx <integer>

set topy <integer>

next

end

module

Either of the following modules:

  • slb
  • attack

history_runchart

Enable/disable the history runchart.

range

Past day, hour, month, week, or 10 minutes.

traffic_data_type

Query by session count or bytes.

slb_subtype

Query subtype.

filter_object

Filter by source country or destination country. Optional.

filter_value

The country to be filtered.

topx

The number of the top x results.

topy

The number of the top y results.

Example

FortiADC-VM # config log fast_report

FortiADC-VM (fast_report) # edit fast-report

Add new entry 'fast-report' for node 4590

FortiADC-VM (fast-report) # get

module : slb

history_runchart : disable

range : 10MINS

traffic_data_type : bytes

slb_subtype : top_src

filter_object :

filter_value :

FortiADC-VM (fast-report) # set filter_object srccountry

FortiADC-VM (fast-report) # set filter_value "United States"

FortiADC-VM (fast-report) # end

 

Example

FortiADC-VM # config log fast_report

FortiADC-VM (fast_report) # edit "all_attack"

Add new entry 'all_attack' for node 4590

FortiADC-VM (all_attack) # set module attack

FortiADC-VM (all_attack) # set history_runchart enable

FortiADC-VM (all_attack) # set attack_sort_type count

FortiADC-VM (all_attack) # set attack_subtype top_attack_type_for_all

FortiADC-VM (all_attack) # unset filter_object

FortiADC-VM (all_attack) # unset filter_value

FortiADC-VM (all_attack) # set topx 5

FortiADC-VM (all_attack) # set topy 5

FortiADC-VM (all_attack) # get

module : attack

history_runchart : enable

attack_sort_type : count

attack_subtype : top_attack_type_for_all

filter_object :

filter_value :

topx : 5

topy : 5

FortiADC-VM (all_attack) #set filter_object srccountry

FortiADC-VM (all_attack) # set filter_value "United States"

FortiADC-VM (all_attack) # end