Fortinet black logo

Analysis

Copy Link
Copy Doc ID aaf760f3-025b-11e9-b86b-00505692583a:810832
Download PDF

Analysis

The Analysis page lists the Incidents detected by FortiDeceptor. The detailed Analysis report can be downloaded from the Export to PDF option.

To see the list of Events:
  1. Go to Incident > Analysis.
  2. The following information is shown:
    Severity Severity of the Event is shown as Critical, High, Medium, Low, or Unknown.
    Last Activity Date and time of the last activity.
    Type Type of Event.
    Attacker IP Mask IP mask of the attacker.
    Attacker User User name of the attacker.
    Victim IP IP address of the victim.

    Start

    Date and time when the attack started.

    Attacker Port

    Port from where the attack originated.

    Attacker Type

    The Attacker type is shown as Unknown, Connection, Interaction, or Reconnaissance.

    Victim Port

    Port of the victim.

    Attacker Password

    Password used by the attacker.

    Timeline

    Click Timeline to see the entire timeline of all the Incidents from start to finish.

    Table

    Click Table to see all the Incidents in a table view.

To refresh the data:

Click Refresh to refresh the data.

To export to PDF:
  1. Click Export to PDF.
  2. Click OK to save the PDF.
To mark all items as read:

Newly detected incidents will be displayed in bold to indicate as unread. The rows can be marked as read by expanding the Incident details or by clicking the Mark all as read button.

Analysis

The Analysis page lists the Incidents detected by FortiDeceptor. The detailed Analysis report can be downloaded from the Export to PDF option.

To see the list of Events:
  1. Go to Incident > Analysis.
  2. The following information is shown:
    Severity Severity of the Event is shown as Critical, High, Medium, Low, or Unknown.
    Last Activity Date and time of the last activity.
    Type Type of Event.
    Attacker IP Mask IP mask of the attacker.
    Attacker User User name of the attacker.
    Victim IP IP address of the victim.

    Start

    Date and time when the attack started.

    Attacker Port

    Port from where the attack originated.

    Attacker Type

    The Attacker type is shown as Unknown, Connection, Interaction, or Reconnaissance.

    Victim Port

    Port of the victim.

    Attacker Password

    Password used by the attacker.

    Timeline

    Click Timeline to see the entire timeline of all the Incidents from start to finish.

    Table

    Click Table to see all the Incidents in a table view.

To refresh the data:

Click Refresh to refresh the data.

To export to PDF:
  1. Click Export to PDF.
  2. Click OK to save the PDF.
To mark all items as read:

Newly detected incidents will be displayed in bold to indicate as unread. The rows can be marked as read by expanding the Incident details or by clicking the Mark all as read button.