Fortinet black logo

New Features

Extra caching for SOC reports 6.4.1

Copy Link
Copy Doc ID 437aa0e1-63d2-11ea-9384-00505692583a:609850
Download PDF

Extra caching for SOC reports 6.4.1

Caching can be enabled for common log fields used for extended log filtering in reports. This feature is an enhancement for current report Auto Cache and report group function. After enabling this option, the following fields are added to each running report query:

  • Device ID
  • VDOM name
  • Source Endpoint ID
  • Source Enduser ID
  • Source IP
  • Destination IP
To enable extended log filtering:
  1. Go to Reports > All Reports and select a report.
  2. Click the Settings tab.
  3. Click Enable Auto-cache.
    The option to enable Extended Log Filtering is now available.
  4. Enable Extended Log Filtering, and click Apply.
    After it has been enabled, run the report and debug. You can see that devid, vd, srcip, dstip, epid, and euid are added to each report query.

Extra caching for SOC reports 6.4.1

Caching can be enabled for common log fields used for extended log filtering in reports. This feature is an enhancement for current report Auto Cache and report group function. After enabling this option, the following fields are added to each running report query:

  • Device ID
  • VDOM name
  • Source Endpoint ID
  • Source Enduser ID
  • Source IP
  • Destination IP
To enable extended log filtering:
  1. Go to Reports > All Reports and select a report.
  2. Click the Settings tab.
  3. Click Enable Auto-cache.
    The option to enable Extended Log Filtering is now available.
  4. Enable Extended Log Filtering, and click Apply.
    After it has been enabled, run the report and debug. You can see that devid, vd, srcip, dstip, epid, and euid are added to each report query.