Fortinet black logo

Administration Guide

Home FortiWeb 7.2.8 Administration Guide
7.2.8
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.10
7.0.9
7.0.8
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.2
6.4.1
6.4.0
6.3.23
6.3.19
6.3.18
6.3.17
6.3.16
6.3.15
6.3.14
6.3.13
6.3.11
6.3.10
6.3.9
6.3.7
6.3.6
6.3.5
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.2
6.1.1
5.7.0
5.6.1
5.6.0
5.6.0

FortiView Countries

FortiView Countries

Go to Dashboard > FortiView Countries. If it's not available in the Dashboard menu, refer to Monitors for how to add a monitor.

From this window, you can see total threat data and threat data for each country:

Viewing individual countries

There are two ways to drill down into the key elements about a specific country:

  • Double-click the country from the list of countries.
  • Click the Add Filter icon and select the country.

A country summary provides an overview of the total threats, accumulated threat score, actions, and service used:

From here, you can also view information about specific types of threats, the source IP of attacks, the client devices that launched attacks, HTTP methods used, and targeted URLs for the specified country under the Threats, Sources, Client Devices, HTTP Methods, URLs, CVE ID, and OWASP Top10 tabs, respectively. You can use either the Add Filter icon to filter for these things, or select the relevant tab and double-click the row of the thing you want to know more about.

You can even filter for a combination of these things. For example, below you can see the server policy that handled a specific type of threat from a particular device that targeted a specific URL:

For any given country, you can drill down into specific threat, source IP, client device ID, HTTP method, URL, CVE ID, and OWASP Top10 entries to learn more information about them via the Log Details. Below is an example.

Go to Dashboard > FortiView Countries.

To drill down into a country, double-click it.

Select the Sources tab.

note icon

You can select any tab for a country to view the Log Details of an attack. To view the Log Details of an attack, you simply have to select a specific attack.

Drill down into an IP address.

You will see every attack made from that IP address.

Select a specific attack from the IP address. You will be able to see information about the attack from this IP address. The Log Details will appear along the right side of the window:

Previous
Next

FortiView Countries

Go to Dashboard > FortiView Countries. If it's not available in the Dashboard menu, refer to Monitors for how to add a monitor.

From this window, you can see total threat data and threat data for each country:

Viewing individual countries

There are two ways to drill down into the key elements about a specific country:

  • Double-click the country from the list of countries.
  • Click the Add Filter icon and select the country.

A country summary provides an overview of the total threats, accumulated threat score, actions, and service used:

From here, you can also view information about specific types of threats, the source IP of attacks, the client devices that launched attacks, HTTP methods used, and targeted URLs for the specified country under the Threats, Sources, Client Devices, HTTP Methods, URLs, CVE ID, and OWASP Top10 tabs, respectively. You can use either the Add Filter icon to filter for these things, or select the relevant tab and double-click the row of the thing you want to know more about.

You can even filter for a combination of these things. For example, below you can see the server policy that handled a specific type of threat from a particular device that targeted a specific URL:

For any given country, you can drill down into specific threat, source IP, client device ID, HTTP method, URL, CVE ID, and OWASP Top10 entries to learn more information about them via the Log Details. Below is an example.

Go to Dashboard > FortiView Countries.

To drill down into a country, double-click it.

Select the Sources tab.

note icon

You can select any tab for a country to view the Log Details of an attack. To view the Log Details of an attack, you simply have to select a specific attack.

Drill down into an IP address.

You will see every attack made from that IP address.

Select a specific attack from the IP address. You will be able to see information about the attack from this IP address. The Log Details will appear along the right side of the window:

Previous
Next