Version:

Version:

Version:


Table of Contents

New Features

Download PDF
Copy Link

FortiWeb Pcap Support

The FortiWeb attack log provides a deep analysis tool that allows customers to understand why a particular request was flagged as a violation. It gives detailed information in a 'Wireshark' like visual separating the HTTP requests into headers, cookies, parameters, and the HTTP body, highlighting the pattern that triggered the violation.

This enhancement in FortiAnalyzer allow users to view FortiWeb packet logs with additional HTTP request information included.

To view FortiWeb packet logs:
  1. Go to Log View.
  2. In the tree menu, select Application Attack Prevention.

    The Application Attack Prevention pane opens.

    In the Application Attack Prevention pane, FortiWeb packets appear in the far right-side under Data.

    Note

    By default, Data is not visible in the log view. You can enable it from the settings on the far-right side.

    FortiWeb packets also appear in the log detail panel.

  3. Click on the packet icon to view the packet details.

    The View Attack Content dialog appears. It shows packet details using the same design as IPS Archive.

FortiWeb Pcap Support

The FortiWeb attack log provides a deep analysis tool that allows customers to understand why a particular request was flagged as a violation. It gives detailed information in a 'Wireshark' like visual separating the HTTP requests into headers, cookies, parameters, and the HTTP body, highlighting the pattern that triggered the violation.

This enhancement in FortiAnalyzer allow users to view FortiWeb packet logs with additional HTTP request information included.

To view FortiWeb packet logs:
  1. Go to Log View.
  2. In the tree menu, select Application Attack Prevention.

    The Application Attack Prevention pane opens.

    In the Application Attack Prevention pane, FortiWeb packets appear in the far right-side under Data.

    Note

    By default, Data is not visible in the log view. You can enable it from the settings on the far-right side.

    FortiWeb packets also appear in the log detail panel.

  3. Click on the packet icon to view the packet details.

    The View Attack Content dialog appears. It shows packet details using the same design as IPS Archive.