Fortinet black logo

Administration Guide

Home FortiAnalyzer BigData 6.4.6 Administration Guide
6.4.6
7.4.0
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.1
6.4.6
6.4.5
6.2.5
6.2.1

Starting a global search

Starting a global search

To perform a simple global search, use the default values for the search federation, cluster and log time, then select a log type.

To perform a simple search:
  1. Select a search federation. Default” is the default.
  2. Select a cluster. LocalCluster is the default.
  3. Select the log time. Last 1 hour is the default.
  4. Select the log type. For example, FortiGate Traffic.
  5. (Optional) Select the log labels filter.
  6. Click Run Query to start a search.

Global Search settings

The following image and the corresponding to table provide information about each of the Global Search settings.

Search setting Description

Search Federation dropdown

Click the dropdown menu to select a federation. The default is Default.

Time Range selection

Click the dropdown menu to select a time range. The default is Last 1 hour.

Run Query Click Run Query to start the search.

Server Click the dropdown to select a server. The default is Local Cluster.

Log Type Click the dropdown to select a log type.

Log Label Click the dropdown to select a log label.

Log Query Input Use this field to enter the log query.

Histogram Displays the log time-range.

Log details Displays the log details.
Previous
Next

Starting a global search

To perform a simple global search, use the default values for the search federation, cluster and log time, then select a log type.

To perform a simple search:
  1. Select a search federation. Default” is the default.
  2. Select a cluster. LocalCluster is the default.
  3. Select the log time. Last 1 hour is the default.
  4. Select the log type. For example, FortiGate Traffic.
  5. (Optional) Select the log labels filter.
  6. Click Run Query to start a search.

Global Search settings

The following image and the corresponding to table provide information about each of the Global Search settings.

Search setting Description

Search Federation dropdown

Click the dropdown menu to select a federation. The default is Default.

Time Range selection

Click the dropdown menu to select a time range. The default is Last 1 hour.

Run Query Click Run Query to start the search.

Server Click the dropdown to select a server. The default is Local Cluster.

Log Type Click the dropdown to select a log type.

Log Label Click the dropdown to select a log label.

Log Query Input Use this field to enter the log query.

Histogram Displays the log time-range.

Log details Displays the log details.
Previous
Next