Reports for Fortinet Devices
EventLog Analyzer supports Fortinet firewalls and provides out-of-the-box reports for the following categories of events:
- Fortinet Events: These reports provide valuable information on all events including important events such as logons, failed logons, possible attacks, users added/deleted etc., on Fortinet devices.
- Firewall Allowed and Denied Traffic: The reports in this category provide insights on traffic based on the source, destination, protocol and port, and traffic trends.
- Successful and Failed Logons: These reports provide information on source, user-based, and trends reports.
- Firewall IDS/IPS Events: The reports in this category provide insights on possible attacks, and attacks based on the source and destination IP address. They also provide reports on attack trends.
- Firewall Security Events: These reports provide valuable information on applications, email and web filters. They also provide reports on antivirus and DLP.
- Firewall Accounts Management: This category provides reports on administrators and users added, deleted or modified.
- Firewall Policy Management: The reports in this category provide useful information on policies added, deleted or modified.
- Successful and Failed VPN Logon Reports: These reports provide insights on VPN logons and logouts based on success, failure, remote devices, users and trends.
- System Events: These reports provide valuable information on configuration changes, license expiration, power restores and failures, system shutdowns and reboots and failed commands.
- Device Severity Reports: The reports in this category provide insights into emergency, alerts, critical, error, warning, notice, information and debug events.
- VPN lP Assigned Reports: These reports provide information on private IP assigned, IP assigned users, remote IP and VPN IP assigned.
Managing Fortinet reports dashboard
- Go to the Reports section and click on the Devices option in the drop down menu. Select Fortinet from the displayed list of vendors.
- Click Select Device and choose the Fortinet devices for which you need the reports. Click Add.
- You can set filter criteria for events based on device, source, message and severity. Use logical operators as required.
- Select the Period for which you want the data to be displayed and click Apply.
- The graphs can be viewed in different formats.
- The All Events panel lists all the available out-of-the-box reports for Fortinet. Select the report you want to view.
- To export the report being viewed, click Export as and choose the format. Once done, you can download the report.
- Click Schedule to have this report exported and emailed periodically.
- Click More for further customization options.
- Set as Default, to set this report as the default for Fortinet reports.
- Add to Favorites, to mark this report as favorite.
- Pin to dashboard, to pin this report to the main dashboard in the Home page.