Fortinet black logo

New Features

Home FortiAnalyzer 7.4.0 New Features
7.4.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.3
6.2.2
6.2.1
6.2.0

Replay attacks in the Threat Map 7.4.2

Replay attacks in the Threat Map 7.4.2

Note

This information is also available in the FortiAnalyzer 7.4 Administration Guide:

In FortiView > Threats > Threat Map, you can now replay threats from historical UTM logs.

The following options are available in the toolbar and map view for the Threat Map:

Option Description
Timeframe

Select Realtime to display threats in the map as soon as they are received by FortiAnalyzer.

Alternatively, select a timeframe to display historical UTM logs fetched from the database and replay them in order of occurrence.
Devices

Select devices to filter the threats, if needed.
Pause/Play

This option only available when the timeframe is not Realtime.

Click to pause or play the threats replay in the map. The ring around the play/pause button indicates the progress of the replay.
Replay rate

This option only available when the timeframe is not Realtime.

Use the plus (+) and minus (-) buttons to increase or decrease the replay speed. The fastest replay speed is 7 and the slowest is 1. The default is 3.

The list of threats that overlays the map view displays the following data:

  • Date and time of threat

  • Threat name

  • Threat level

  • Threat Source and Destination IPs, threat direction, and country flag if it is available

Below is an example of the Threat Map displaying threats in Realtime:

Below is an example of the Threat Map displaying a replay of threats from the last hour:

From the settings menu for the Threat Map, you can select the Source and/or Destination country of the threat. For example, see below.

Previous
Next

Replay attacks in the Threat Map 7.4.2

Note

This information is also available in the FortiAnalyzer 7.4 Administration Guide:

In FortiView > Threats > Threat Map, you can now replay threats from historical UTM logs.

The following options are available in the toolbar and map view for the Threat Map:

Option Description
Timeframe

Select Realtime to display threats in the map as soon as they are received by FortiAnalyzer.

Alternatively, select a timeframe to display historical UTM logs fetched from the database and replay them in order of occurrence.
Devices

Select devices to filter the threats, if needed.
Pause/Play

This option only available when the timeframe is not Realtime.

Click to pause or play the threats replay in the map. The ring around the play/pause button indicates the progress of the replay.
Replay rate

This option only available when the timeframe is not Realtime.

Use the plus (+) and minus (-) buttons to increase or decrease the replay speed. The fastest replay speed is 7 and the slowest is 1. The default is 3.

The list of threats that overlays the map view displays the following data:

  • Date and time of threat

  • Threat name

  • Threat level

  • Threat Source and Destination IPs, threat direction, and country flag if it is available

Below is an example of the Threat Map displaying threats in Realtime:

Below is an example of the Threat Map displaying a replay of threats from the last hour:

From the settings menu for the Threat Map, you can select the Source and/or Destination country of the threat. For example, see below.

Previous
Next