config log report
Use this command to configure on-demand or scheduled reports.
Before you begin:
- You must have read-write permission for log settings.
Syntax
config log report
edit <name>
set email-format pdf
set email-attachname <string>
set email-body <string>
set email-compress {enable|disable}
set email-subject <string>
set on-schedule {enable|disable}
set period-relative {absolute|last-2-weeks|last-7-days|last-14-days|last-30-days|last-N-days|last-N-hours|last-N-weeks| last-month|last-quarter|last-week|this-month|this-quarter|this-week|this-year|today|yesterday}
set period-absolute-from <YYYY-MM-DD-HH:MM:SS>
set period-absolute-to <YYYY-MM-DD-HH:MM:SS>
set queryset <datasource>
set schedule-hour <integer>
set schedule-type {daily|weekdays}
set schedule-weekdays {friday monday saturday sunday thursday tuesday wednesday}
next
end
|
email-format |
Attachment format. Only PDF is supported. If you schedule reports and set this option, the report is sent on schedule to all addresses in the config log report email list. |
|
email-attachname |
Filename for attachment. |
|
email-body |
Message body. |
|
email-compress |
Enable/disable compression of the attachment. |
|
email-subject |
Message subject. |
|
on-schedule |
Enable/disable reporting on schedule. |
|
period-relative |
Report period relative to the time it is generated. |
|
period-absolute-from |
If period-relative is set to absolute, specify from and to timestamps for one-time reports for a specified time range. |
|
period-absolute-to |
|
|
queryset |
Specify a space-separated list of queries to include in the report attachment. There are many predefined queries, and you can configure user-defined queries with the config log report_queryset command. |
|
schedule-hour |
0-23. |
|
schedule-type |
Daily or on specified days. |
|
schedule-weekdays |
If you do not schedule the report daily, specify the days on which to run it. |
Example
FortiADC-docs # config log report
FortiADC-docs (report) # edit my_report
Add new entry 'my_report' for node 1962
FortiADC-docs (my_report) # get
on-schedule : enable
queryset :
email-format :
period-relative : yesterday
schedule-type : schedule-hour : 12
FortiADC-docs (my_report) # set queryset ?
<datasource> query list
SLB-Top-Policy-By-Bytes log.report_queryset
SLB-Top-Source-By-Bytes log.report_queryset
SLB-Top-Source-Country-By-Bytes log.report_queryset
SLB-History-Flow-By-Bytes log.report_queryset
LLB-Top-Link-by-Bytes log.report_queryset
LLB-History-Flow-By-Bytes log.report_queryset
DNS-Top-Policy-by-Count log.report_queryset
DNS-Top-Source-by-Count log.report_queryset
Attack-Top-Destination-For-IPReputation-By-Count log.report_queryset
Attack-Top-Source-For-IPReputation-By-Count log.report_queryset
Attack-Top-Source-Country-For-IPReputation-By-Count log.report_queryset
Attack-Top-Destination-For-GEO-By-Count log.report_queryset
Attack-Top-Source-For-GEO-By-Count log.report_queryset
Attack-Top-Source-Country-For-GEO-By-Count log.report_queryset
Attack-Top-Destination-For-WAF-By-Count log.report_queryset
Attack-Top-Source-For-WAF-By-Count log.report_queryset
Attack-Top-Source-Country-For-WAF-By-Count log.report_queryset
Attack-Top-Destination-For-Synflood-By-Count log.report_queryset
Event-Top-Admin-Login-By-Count log.report_queryset
Event-Top-Failed-Admin-Login-By-Count log.report_queryset
Event-Top-Admin-Config-By-Count log.report_queryset
FortiADC-docs (my_report) # set queryset SLB-Top-Source-Country-By-Bytes Attack-Top-Source-Country-For-WAF-By-Count
FortiADC-docs (my_report) # set email-format pdf
FortiADC-docs (my_report) # set schedule-type daily
FortiADC-docs (my_report) # set email-attachname "Daily_Country_Report"
FortiADC-docs (my_report) # set email-body "This report was sent by your website admin. Please contact admin@example.com to request changes to daily report metrics."
FortiADC-docs (my_report) # get
on-schedule : enable
queryset : SLB-Top-Source-Country-By-Bytes Attack-Top-Source-Country-For-WAF-By-Count
email-format : pdf
email-subject : "Daily Country Report" email-body : "This report was sent by your website admin. Please contact admin@example.com to request changes to daily report metrics."
email-attachname : Daily_Country_Report
email-compress : enable period-relative : yesterday
schedule-type : daily schedule-hour : 12
FortiADC-docs (my_report) # end