Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiDLP Console User Guide

    Home FortiDLP FortiDLP Console User Guide

    Node search properties

    Node search properties

    You can use the following properties to create custom search queries within the Nodes module.

    Node search properties
    Property Format Description
    agent_version String The node's Agent version.
    archived_at Timestamp The node's archive date.
    archived_by String The name of the operator or auto-archive rule that archived the node.
    archived_reason String The node's archive reason.
    city String The node's city location.
    country String The node's country location.
    country_code String The country code corresponding to the node's country location.
    distro String The node's OS distribution name and version.
    enrolled_at String The node's Agent enrollment date and time.
    hardware_id String The node's hardware identifier.
    hostname String The node's hostname.
    isolated Boolean Indicates whether the isolate action has been executed on the node.
    reporting_mode String The reporting mode of the node's Agent, which determines what data it is allowed to report.
    kernel_version String The node's kernel version.
    last_active String The time since the FortiDLP Infrastructure last received a heartbeat from the Agent. The Agent sends a heartbeat to the FortiDLP Infrastructure every 15 minutes to confirm the connection. Values must be entered in epoch or RFC3339 format.
    locked Boolean Indicates whether the lock action has been executed on the node.
    os String The node's operating system.
    remote_address String The node's remote address.
    rollout_exempt Boolean The method for directing Agents to stacks when applicable routing rules are configured with the rollout parameter.
    state String The node's Agent state, indicating whether the Agent has been archived or not.
    uuid String The node's identifier assigned by the Agent.
    Previous
    Next

    Node search properties

    Node search properties

    You can use the following properties to create custom search queries within the Nodes module.

    Node search properties
    Property Format Description
    agent_version String The node's Agent version.
    archived_at Timestamp The node's archive date.
    archived_by String The name of the operator or auto-archive rule that archived the node.
    archived_reason String The node's archive reason.
    city String The node's city location.
    country String The node's country location.
    country_code String The country code corresponding to the node's country location.
    distro String The node's OS distribution name and version.
    enrolled_at String The node's Agent enrollment date and time.
    hardware_id String The node's hardware identifier.
    hostname String The node's hostname.
    isolated Boolean Indicates whether the isolate action has been executed on the node.
    reporting_mode String The reporting mode of the node's Agent, which determines what data it is allowed to report.
    kernel_version String The node's kernel version.
    last_active String The time since the FortiDLP Infrastructure last received a heartbeat from the Agent. The Agent sends a heartbeat to the FortiDLP Infrastructure every 15 minutes to confirm the connection. Values must be entered in epoch or RFC3339 format.
    locked Boolean Indicates whether the lock action has been executed on the node.
    os String The node's operating system.
    remote_address String The node's remote address.
    rollout_exempt Boolean The method for directing Agents to stacks when applicable routing rules are configured with the rollout parameter.
    state String The node's Agent state, indicating whether the Agent has been archived or not.
    uuid String The node's identifier assigned by the Agent.
    Previous
    Next