beautypg.com

Configuring a report query – Fortinet FortiLog-400 User Manual

Page 59

background image

Reports

Creating and generating a report

FortiLog Administration Guide

05-16000-0082-20050115

59

5

Select Apply.

Configuring a report query

Select the specific information you need to generate a more concise report. Each
report category includes a refined list of sub-categories that reports specific
information. For example, you can generate an extensive intrusion activity report, or
only generate intrusion activity by attacks by top types, or by hour of the day.

The default is to run a report for all information in the log files. Select the specific
information you want to include in the report. Reports are listed by categories and
sub-categories.You can save the report query selections to use in other reports.

Figure 29: Report query options

To set the report queries

1

Go to Reports > Config.

2

Select a report from the list.

3

Select Queries.

Per Virtual
Domain

Select to generate the report based on the virtual domains configured on the

FortiGate devices.

For all devices Select to generate the report for all devices.
Per device

Select to generate a separate report for each device.

Resolve Host
Names

Select to display host names by name rather than IP addresses. For
details on configuring IP address host names see

“Defining IP

aliases” on page 55

.

Resolve Service
Names

Select to display network service names rather than port numbers.
For example, HTTP rather than port 80.

In 'Ranked
Reports' show
top

For some report types, you can set the top ranked items for the
report. When setting top ranked items, the report will only include the
most active content. For example, report the most active mail clients
within the organization rather than all mail clients.

This manual is related to the following products: