Fortinet black logo

Administration Guide

Home FortiPolicy 7.2.0 Administration Guide
7.2.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0

Events

Events

The Events page has three tabs:

Access control, exploits, and malware

Use the event correlation explorer (ECE) to create tables or graphs that display correlated FortiPolicy event analysis data. You can also export generated analysis data for reporting.

Go to Workspace > Events to access the event correlation explorer.

After creating and populating a table with selected filters (or selected "attributes" for graph displays), arrange the columns and sort the column data, as needed. After setting the table criteria, click the export icon at the top of the page to export the analysis results.

An example of exported analysis data is shown in the following figure.

The event correlation explorer analyzes access control, exploit, and malware events.

ECE is the primary tool for viewing ACL instances and ACL events.

To use the ECE:

  1. Go to Workspace > Events.

  2. Select the type of events to analyze: Access Control, Exploits, or Malware.

  3. Set a time period to analyze: Last Hour, Last 2 Hours, Last 24 Hours, Last 7 Days, or Last 30 Days.

  4. Click each column heading to sort the data in ascending or descending order.

  5. Click the filter icon under the column heading to filter the data in that column.

  6. Click the Refresh icon to update the table data.

  7. Click the Clear All Filters icon to show all events.

  8. Click the Export Data icon to export the analysis results as a comma-separated values (CSV) file.

Previous
Next

Events

The Events page has three tabs:

Access control, exploits, and malware

Use the event correlation explorer (ECE) to create tables or graphs that display correlated FortiPolicy event analysis data. You can also export generated analysis data for reporting.

Go to Workspace > Events to access the event correlation explorer.

After creating and populating a table with selected filters (or selected "attributes" for graph displays), arrange the columns and sort the column data, as needed. After setting the table criteria, click the export icon at the top of the page to export the analysis results.

An example of exported analysis data is shown in the following figure.

The event correlation explorer analyzes access control, exploit, and malware events.

ECE is the primary tool for viewing ACL instances and ACL events.

To use the ECE:

  1. Go to Workspace > Events.

  2. Select the type of events to analyze: Access Control, Exploits, or Malware.

  3. Set a time period to analyze: Last Hour, Last 2 Hours, Last 24 Hours, Last 7 Days, or Last 30 Days.

  4. Click each column heading to sort the data in ascending or descending order.

  5. Click the filter icon under the column heading to filter the data in that column.

  6. Click the Refresh icon to update the table data.

  7. Click the Clear All Filters icon to show all events.

  8. Click the Export Data icon to export the analysis results as a comma-separated values (CSV) file.

Previous
Next