Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Admin Guide

    Authentication logs

    Authentication logs

    Authentication logs capture authentication attempts that your FIC end-users have made.

    Viewing authentication logs

    1. Click Log and Report >Authentication Logs.
    2. Click Filters.
    3. Select the filter(s).
    4. Click OK.

    Each authentication log captures the following data:

    Column

    Description

    TIMESTAMP

    The date and time of an authentication request.

    Note: FIC captures the time of an event in UTC time, and then converts it to the client browser's local time zone, which is the time shown in the timestamp.

    USERNAME

    The username of the user who made the request.

    APPLICATION

    Shows either of the following:

    • The serial number and VDOM name if the application is an FGT device.
    • The source IP address if the application is a third-party device.

    REALM

    The realm ID of the realm from which the authentication request is attempted.

    ACTION

    The authentication action.

    STATUS

    The status of the authentication request expressed in standard HTTP status codes. See List of HTTP Status Codes.

    RESULTS

    The outcome of an authentication request, which can be either of the following:

    • Success
    • Failed

    DETAILS

    View log details.

    Filtering logs by date and time

    This option enables you to display logs for the period of time you specify.

    1. In the upper-left corner of the page, choose the start date and time and the end date and time.
    2. Click Filter.

    Filtering logs by user

    This option enables you to filter the logs by username.

    1. In the upper-left corner of the page, below the Start date and End date filter, click user.
    2. From the drop-down menu, select a username.

    Filtering logs by status

    This option allows you to filter logs by HTML status code.

    1. In the upper-left corner of the page, below the Start date and End date filter, click status.
    2. From the drop-down menu, select an HTML status code.

    Sorting the log table

    You can sort the entries in the log table by clicking any of the column headers, namely:

    • Timestamp
    • Username
    • applications
    • Results
    Previous
    Next

    Authentication logs

    Authentication logs

    Authentication logs capture authentication attempts that your FIC end-users have made.

    Viewing authentication logs

    1. Click Log and Report >Authentication Logs.
    2. Click Filters.
    3. Select the filter(s).
    4. Click OK.

    Each authentication log captures the following data:

    Column

    Description

    TIMESTAMP

    The date and time of an authentication request.

    Note: FIC captures the time of an event in UTC time, and then converts it to the client browser's local time zone, which is the time shown in the timestamp.

    USERNAME

    The username of the user who made the request.

    APPLICATION

    Shows either of the following:

    • The serial number and VDOM name if the application is an FGT device.
    • The source IP address if the application is a third-party device.

    REALM

    The realm ID of the realm from which the authentication request is attempted.

    ACTION

    The authentication action.

    STATUS

    The status of the authentication request expressed in standard HTTP status codes. See List of HTTP Status Codes.

    RESULTS

    The outcome of an authentication request, which can be either of the following:

    • Success
    • Failed

    DETAILS

    View log details.

    Filtering logs by date and time

    This option enables you to display logs for the period of time you specify.

    1. In the upper-left corner of the page, choose the start date and time and the end date and time.
    2. Click Filter.

    Filtering logs by user

    This option enables you to filter the logs by username.

    1. In the upper-left corner of the page, below the Start date and End date filter, click user.
    2. From the drop-down menu, select a username.

    Filtering logs by status

    This option allows you to filter logs by HTML status code.

    1. In the upper-left corner of the page, below the Start date and End date filter, click status.
    2. From the drop-down menu, select an HTML status code.

    Sorting the log table

    You can sort the entries in the log table by clicking any of the column headers, namely:

    • Timestamp
    • Username
    • applications
    • Results
    Previous
    Next