Fortinet black logo

User Guide

Home FortiPortal 5.3.4 User Guide
5.3.4
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.3.8
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.0
5.2.0
4.1.0

View

View

The View tab displays information about the security event logs. It contains filters and controls that allow you to group the event logs in different ways, and to drill down and view the details of a related set of event logs.

The following action buttons are available along the top of the page:

  • Application/Attack/Sandbox—view the event logs grouped by application, attack or sandbox.
  • Scope—view output for all sites or select a specific site
  • Set Filter—filter the data (last hour, last day, last 7 days, or customize)
  • Refresh—refresh the data
  • Sort—Each column has a sorting feature, allowing you to sort data in ascending or descending order.

The table header provides a drop-down menu for selecting the number of entries to display. In Collector mode, the header also includes a search box, enabling you to search for the text in the following fields: User, Source, Source Information (Src.Inf), Destination, Destination Information (Dst.Inf) and Application.

After you select Application, Attack, or Sandbox, you can select how to sort the event logs. Depending on the mode that FortiPortal is running in (Collector or FortiAnalyzer mode), the tabs available differ. The following tabs provide different views of the data:

  • Application—arranged by application
  • Attack—arranged by attack
  • Sandbox—arranged by sandbox
  • Source—arranged by the source FortiGate device
  • Destination—arranged by the destination (IP address, protocol, port)
  • Session—arranged by session (that is, a specific flow of packets between a source and destination). This tab is visible only when you have selected the Application view.
  • Log —details of each event
Previous
Next

View

The View tab displays information about the security event logs. It contains filters and controls that allow you to group the event logs in different ways, and to drill down and view the details of a related set of event logs.

The following action buttons are available along the top of the page:

  • Application/Attack/Sandbox—view the event logs grouped by application, attack or sandbox.
  • Scope—view output for all sites or select a specific site
  • Set Filter—filter the data (last hour, last day, last 7 days, or customize)
  • Refresh—refresh the data
  • Sort—Each column has a sorting feature, allowing you to sort data in ascending or descending order.

The table header provides a drop-down menu for selecting the number of entries to display. In Collector mode, the header also includes a search box, enabling you to search for the text in the following fields: User, Source, Source Information (Src.Inf), Destination, Destination Information (Dst.Inf) and Application.

After you select Application, Attack, or Sandbox, you can select how to sort the event logs. Depending on the mode that FortiPortal is running in (Collector or FortiAnalyzer mode), the tabs available differ. The following tabs provide different views of the data:

  • Application—arranged by application
  • Attack—arranged by attack
  • Sandbox—arranged by sandbox
  • Source—arranged by the source FortiGate device
  • Destination—arranged by the destination (IP address, protocol, port)
  • Session—arranged by session (that is, a specific flow of packets between a source and destination). This tab is visible only when you have selected the Application view.
  • Log —details of each event
Previous
Next