Fortinet black logo

Handbook

Home FortiDDoS-F 6.3.2 Handbook

Step 9: Monitor the system and become familiar with logs and reports

6.3.2
7.0.0
6.6.3
6.6.3
6.6.1
6.6.0
6.5.1
6.5.0
6.4.1
6.4.0
6.3.3
6.3.2
6.3.1
6.2.3
6.2.2
6.2.1
6.2.0
6.1.1
Copy Link
Copy Doc ID 7b437c33-fcc7-11ec-bb32-fa163e15d75b:332644
Download PDF

Step 9: Monitor the system and become familiar with logs and reports

For your initial deployment, continue to use Detection Mode for a day or two during which you review logs for potential false positives and false negatives.

Basic steps
  1. Go to Traffic Monitor and Drop Monitor and review throughput rates. Start with aggregate graphs and then use the more detailed graphs to drill in on patterns of interest or concern.
  2. Go to Log & Report > Log Access > Logs > DDoS Attack Log and become familiar with the log table and how to use log filters.
  3. Go to Dashboard > Top Attacks and become familiar with the Top Attack summary for all types of attack information.


For details, refer to the following sections:

Previous
Next

Step 9: Monitor the system and become familiar with logs and reports

For your initial deployment, continue to use Detection Mode for a day or two during which you review logs for potential false positives and false negatives.

Basic steps
  1. Go to Traffic Monitor and Drop Monitor and review throughput rates. Start with aggregate graphs and then use the more detailed graphs to drill in on patterns of interest or concern.
  2. Go to Log & Report > Log Access > Logs > DDoS Attack Log and become familiar with the log table and how to use log filters.
  3. Go to Dashboard > Top Attacks and become familiar with the Top Attack summary for all types of attack information.


For details, refer to the following sections:

Previous
Next