Incident > Analysis lists the Incidents detected by FortiDeceptor.
- Go to Incident > Analysis.
- The Analysis page displays the list of events:
Severity of the event.
Date and time of the last activity.
Type of event.
Attacker IP mask.
Port of the victim.
Name of the lure service.
Unique ID of the Decoy VM.
ID of the incident.
Port where the attack originated.
Unique key string for the incident.
Password used by the attacker.
Date and time when the attack started.
- To refresh the data, click Refresh.
- To download the detailed analysis report in PDF format, click Export to PDF.
- To mark items as read, expand the incident details or click Mark all as read.
Newly-detected incidents are in bold to indicate they are unread.
- To display specific types of events, click Show Interaction Events Only (default), IPS Events Only, Web Filter Events Only, or All.
- To specify columns and table settings, use the Settings icon at the bottom right.