Fortinet Document Library

Version:

22.1.0
21.4.0

Table of Contents

Administration Guide

21.4.0
22.1.0
21.4.0
Download PDF
Copy Link

FortiView

The default FortiView page is the summary view, which uses widgets to show a general overview of what is happening with your device. You can add new widgets by selecting Add Widget.

Each widget is a customizable box, showing certain information about the device. You can do the following with widgets:

  • Click a widget title and drag it to move it around.
  • Delete a widget by selecting the X icon.
  • Set the refresh rate of widgets by selecting the dropdown list beside the refresh icon.

The following lists all widget types, grouped according to function:

Threats

Widget

Description

Feature required to be enabled on device

Top Threats

Displays which threats trigger the most detection events on the network.

At least one of the following: IPS, AV, AntiSpam, DLP, or Anomaly Detection.

Top Spam

Displays which sources send the most spam email into the network.

AntiSpam

Top Viruses

Counts the viruses that the device's AV most frequently finds.

AV

Top Applications by Threat Score

Compares which applications have the most traffic compared to their threat score, based on the device's Application Control settings.

Application Control

Top Attacks

Counts the attacks that the device's IPS most frequently prevents.

IPS

Top DLP By Rules

Counts the DLP events that the device detects, sorted by DLP rule.

DLP

Traffic Analysis

Widget

Description

Feature required to be enabled on device

Top Applications

Compares which applications are most frequently used, based on the device's Application Control settings.

Application Control

Top Application Categories

Compares which application categories are most frequently used, based on the device's Application Control settings.

Application Control

Top Sources

Displays which sources have the most traffic from or to the device.

 

Top Destinations

Displays which destinations have the most traffic from or to the device.

 

Top Protocols

Compares the traffic volume that has passed through a certain interface, based on which protocol it uses (HTTP, HTTPS, DNS, TCP, UDP, other).

 

Top Countries

Displays which countries have the most traffic from or to the device.

 

Traffic History

Displays volume of incoming and outgoing traffic over time.

 

Bandwidth

Displays utilization per interface in bps.

 
Websites

Widget

Description

Feature required to be enabled on device

Top Websites

Compares which websites are most frequently visited. You can click a category to see which websites in that category are being visited.

Web Filtering

Top Web Categories

Compares which web filtering categories are most frequently used, based on the device's Web Filtering settings.

Web Filtering

Top Users/IP by Browsing Time in Seconds

Compares which users visit which IP addresses most frequently in the greatest ratio. You can click a user to see which IP addresses they visit.

Web Filtering
DNS

Widget

Description

Feature required to be enabled on device

Top Queried Domain

Compares which domains are most frequently queried.

  

Queried Botnet C-and-C Domains

Displays which botnet C-and-C domains were queried.

  

High Risk Domains

Displays which high risk domains were visited.

  

Top Domain Lookup Failures

Displays domains with highest number of lookup failures.

 

FortiView offers log information, reformatted into easily navigable charts, in a style similar to FortiView in FortiOS.

You can select a time period to view data for:

  • Last 60 minutes
  • Last 24 hours
  • Last 7 days
  • Last 30 days
  • Specified time period

You can set the chart's refresh rate by clicking the Refresh icon. By using the Add Filter dropdown list, you can filter the chart by various factors. Individual chart entries may also allow you to filter by that entry's data by selecting a filter icon on the right, or drill down to see all related log data, such as all log data through that interface.

FortiView

The default FortiView page is the summary view, which uses widgets to show a general overview of what is happening with your device. You can add new widgets by selecting Add Widget.

Each widget is a customizable box, showing certain information about the device. You can do the following with widgets:

  • Click a widget title and drag it to move it around.
  • Delete a widget by selecting the X icon.
  • Set the refresh rate of widgets by selecting the dropdown list beside the refresh icon.

The following lists all widget types, grouped according to function:

Threats

Widget

Description

Feature required to be enabled on device

Top Threats

Displays which threats trigger the most detection events on the network.

At least one of the following: IPS, AV, AntiSpam, DLP, or Anomaly Detection.

Top Spam

Displays which sources send the most spam email into the network.

AntiSpam

Top Viruses

Counts the viruses that the device's AV most frequently finds.

AV

Top Applications by Threat Score

Compares which applications have the most traffic compared to their threat score, based on the device's Application Control settings.

Application Control

Top Attacks

Counts the attacks that the device's IPS most frequently prevents.

IPS

Top DLP By Rules

Counts the DLP events that the device detects, sorted by DLP rule.

DLP

Traffic Analysis

Widget

Description

Feature required to be enabled on device

Top Applications

Compares which applications are most frequently used, based on the device's Application Control settings.

Application Control

Top Application Categories

Compares which application categories are most frequently used, based on the device's Application Control settings.

Application Control

Top Sources

Displays which sources have the most traffic from or to the device.

 

Top Destinations

Displays which destinations have the most traffic from or to the device.

 

Top Protocols

Compares the traffic volume that has passed through a certain interface, based on which protocol it uses (HTTP, HTTPS, DNS, TCP, UDP, other).

 

Top Countries

Displays which countries have the most traffic from or to the device.

 

Traffic History

Displays volume of incoming and outgoing traffic over time.

 

Bandwidth

Displays utilization per interface in bps.

 
Websites

Widget

Description

Feature required to be enabled on device

Top Websites

Compares which websites are most frequently visited. You can click a category to see which websites in that category are being visited.

Web Filtering

Top Web Categories

Compares which web filtering categories are most frequently used, based on the device's Web Filtering settings.

Web Filtering

Top Users/IP by Browsing Time in Seconds

Compares which users visit which IP addresses most frequently in the greatest ratio. You can click a user to see which IP addresses they visit.

Web Filtering
DNS

Widget

Description

Feature required to be enabled on device

Top Queried Domain

Compares which domains are most frequently queried.

  

Queried Botnet C-and-C Domains

Displays which botnet C-and-C domains were queried.

  

High Risk Domains

Displays which high risk domains were visited.

  

Top Domain Lookup Failures

Displays domains with highest number of lookup failures.

 

FortiView offers log information, reformatted into easily navigable charts, in a style similar to FortiView in FortiOS.

You can select a time period to view data for:

  • Last 60 minutes
  • Last 24 hours
  • Last 7 days
  • Last 30 days
  • Specified time period

You can set the chart's refresh rate by clicking the Refresh icon. By using the Add Filter dropdown list, you can filter the chart by various factors. Individual chart entries may also allow you to filter by that entry's data by selecting a filter icon on the right, or drill down to see all related log data, such as all log data through that interface.