The new DNS Security Report provides an in depth summary of detected threats from DNS traffic.
The indicators of compromise (IOC) feature must be enabled on FortiAnalyzer to get data for charts in the report. If the IOC feature is not enabled, the impacted charts in the generated report will be empty with a warning message stating, "No license for the Indicators of Compromise (IOC) service".
IOC is enabled by default.
- Enter the following command:
config system log ioc
set status enable
- Go to Reports > Templates.
From the Preview column, you can click PDF or HTML to preview the report in that format.
- Select the checkbox for Template - DNS Security Report.
- From the More dropdown, you can click Clone to clone the template and make adjustments.
You can also click Create Report to create a report using the template.
- Go to Reports > All Reports.
- Double-click the row for DNS Security Report.
- In the Generated Reports tab, click Run Report.
- Once the report is generated, click a format in the Format column to view the report.
Below is a sample of the report in PDF.