Fortinet black logo

Cookbook

Home FortiAnalyzer 6.2.0 Cookbook

Adding a FortiSandbox to FortiAnalyzer and viewing scanned files

6.2.0
6.2.0
5.4.0
5.2.0
Copy Link
Copy Doc ID 8ee8a6b6-7281-11e9-81a4-00505692583a:460028
Download PDF

Adding a FortiSandbox to FortiAnalyzer and viewing scanned files

You can use the IP address of the FortiSandbox you configured to add it to FortiAnalyzer with Device Manager.

To add the FortiSandbox:

If using ADOMs, ensure that you are in the correct ADOM.

  1. In FortiAnalyzer, go to Device Manager.
  2. Click Add Device to enter the FortiSandbox information in the dialog box.
    IP Address Type the IP address for the FortiSandbox device.
    SN Type the serial number for the FortiSandbox device.
    Device Name Type a name for the FortiSandbox device.
    Device Model Select the model of the FortiSandbox device.
    Firmware Version Select the firmware version of the FortiSandbox device.
    Description Type a description of the FortiSandbox device (optional).
  3. Click Next.

    The device is added to the ADOM and, if successful, is ready to begin sending logs to the FortiAnalyzer unit.

  4. Click Finish.
  5. In the Device Manager, select the FortiSandbox you added, and click Edit in the toolbar.
  6. Enter the Admin User and Password to allow FortiAnalyzer to access the FortiSandbox, then click OK.

To view FortiSandbox scanned files in the FortiSandbox Detection dashboard:
  1. Go to SOC > FortiView > Threats > FortiSandbox Detection to view the files scanned by FortiSandbox.
  2. Click a file to view the Drilldown Panel.

  3. Click the FortiSandbox Scan link to view the Sandbox Execution Details panel.

Previous
Next

Adding a FortiSandbox to FortiAnalyzer and viewing scanned files

You can use the IP address of the FortiSandbox you configured to add it to FortiAnalyzer with Device Manager.

To add the FortiSandbox:

If using ADOMs, ensure that you are in the correct ADOM.

  1. In FortiAnalyzer, go to Device Manager.
  2. Click Add Device to enter the FortiSandbox information in the dialog box.
    IP Address Type the IP address for the FortiSandbox device.
    SN Type the serial number for the FortiSandbox device.
    Device Name Type a name for the FortiSandbox device.
    Device Model Select the model of the FortiSandbox device.
    Firmware Version Select the firmware version of the FortiSandbox device.
    Description Type a description of the FortiSandbox device (optional).
  3. Click Next.

    The device is added to the ADOM and, if successful, is ready to begin sending logs to the FortiAnalyzer unit.

  4. Click Finish.
  5. In the Device Manager, select the FortiSandbox you added, and click Edit in the toolbar.
  6. Enter the Admin User and Password to allow FortiAnalyzer to access the FortiSandbox, then click OK.

To view FortiSandbox scanned files in the FortiSandbox Detection dashboard:
  1. Go to SOC > FortiView > Threats > FortiSandbox Detection to view the files scanned by FortiSandbox.
  2. Click a file to view the Drilldown Panel.

  3. Click the FortiSandbox Scan link to view the Sandbox Execution Details panel.

Previous
Next