Fortinet white logo
Fortinet white logo

Handbook

Step 9: Monitor the system and become familiar with logs and reports

Step 9: Monitor the system and become familiar with logs and reports

For your initial deployment, continue to use Detection Mode for a day or two during which you review logs for potential false positives and false negatives.

Basic steps
  1. Go to Traffic Monitor and Drop Monitor and review throughput rates. Start with aggregate graphs and then use the more detailed graphs to drill in on patterns of interest or concern.
  2. Go to Log & Report > Log Access > Logs > DDoS Attack Log and become familiar with the log table and how to use log filters.
  3. Go to Dashboard > Top Attacks and become familiar with the Top Attack summary for all types of attack information.


For details, refer to the following sections:

Step 9: Monitor the system and become familiar with logs and reports

Step 9: Monitor the system and become familiar with logs and reports

For your initial deployment, continue to use Detection Mode for a day or two during which you review logs for potential false positives and false negatives.

Basic steps
  1. Go to Traffic Monitor and Drop Monitor and review throughput rates. Start with aggregate graphs and then use the more detailed graphs to drill in on patterns of interest or concern.
  2. Go to Log & Report > Log Access > Logs > DDoS Attack Log and become familiar with the log table and how to use log filters.
  3. Go to Dashboard > Top Attacks and become familiar with the Top Attack summary for all types of attack information.


For details, refer to the following sections: