Configuring a report query – Fortinet FortiLog-400 User Manual
Page 59
Reports
Creating and generating a report
FortiLog Administration Guide
05-16000-0082-20050115
59
5
Select Apply.
Configuring a report query
Select the specific information you need to generate a more concise report. Each
report category includes a refined list of sub-categories that reports specific
information. For example, you can generate an extensive intrusion activity report, or
only generate intrusion activity by attacks by top types, or by hour of the day.
The default is to run a report for all information in the log files. Select the specific
information you want to include in the report. Reports are listed by categories and
sub-categories.You can save the report query selections to use in other reports.
Figure 29: Report query options
To set the report queries
1
Go to Reports > Config.
2
Select a report from the list.
3
Select Queries.
Per Virtual
Domain
Select to generate the report based on the virtual domains configured on the
FortiGate devices.
For all devices Select to generate the report for all devices.
Per device
Select to generate a separate report for each device.
Resolve Host
Names
Select to display host names by name rather than IP addresses. For
details on configuring IP address host names see
.
Resolve Service
Names
Select to display network service names rather than port numbers.
For example, HTTP rather than port 80.
In 'Ranked
Reports' show
top
For some report types, you can set the top ranked items for the
report. When setting top ranked items, the report will only include the
most active content. For example, report the most active mail clients
within the organization rather than all mail clients.