Analyzing attack logs in FortiWeb Cloud Threat Analytics
FortiWeb Cloud now integrates with FortiWeb appliances. Collect attack logs from all your FortiWeb platforms and leverage the power of threat analytics across your entire web assets.
To enable Threat Analytics:
- Contact Sales team to purchase a license with the Threat Analytics service.
- Log in to FortiWeb.
- Check the status of Threat Analytics in the Licenses widget in Dashboard > Status. It should be displayed as Valid.
- In the System Information Widget in Dashboard > Status, click Enable Threat Analytics, then click OK in the pop-up window.
- Make sure Enable Attack Log is switched on in Log&Report > Log Config > Other Log Settings.
- Go to Dashboard > Status, click Add Widget, then select Threat Analytics in the System section. The Threat Analytics widget will be displayed on the Status page. You can view whether FortiWeb is successfully connected with FortiWeb Cloud and whether the attack logs are being forwarded.
- Wait for FortiWeb to generate attack logs.
- Log in to FortiWeb Cloud with the account you used when registering your license on Fortinet Support site.
For more information on the Threat Analytics, see this article in FortiWeb Cloud Online Help.