Administration Guide

Other Options in the Event Viewer


Option

Description

Sorting Events

Click any column name to sort security events. For example, you may want to sort by Process and Collector in order to see the history of everything that happened to that process on that device.

Searching For Events

Click the down arrow in the Search Event field to display a variety of search options. When the Event Viewer display is filtered by a search, the Search Event field displays the words Multiple search. Click the to redisplay all the security events (unfiltered).

Note – The User field refers to the employee’s username on the computer and on the FortiEDR Manager.

Note – You can select one or more action types in the AIR Action dropdown list.

Exporting Events

Click the button to export the selected security events to Excel or PDF.

Archiving Events

Click the button to archive the selected security events. These security events are not deleted. You can display them using the Search option (described above) and selecting the Included Archived Events option.

Note – To unarchive a security event, click the Unarchive button, and then confirm the unarchive action in the window that displays.

Deleting Events

Click the button to completely delete a security event from the FortiEDR system.

Note – A deleted security event cannot be restored or retrieved. Unless you are having storage capacity issues, we highly recommend just hiding security events and not deleting them.

Forensics

The optional FortiEDR Forensics add-on enables you to perform deep analysis of security events, as described in Forensics.

Exception Manager

Click the button to access the Exception Manager, as described in Exception Manager.
