Fortinet black logo

FortiView charts reference

23.4.0
Copy Link
Copy Doc ID ce71c0e4-7759-11ee-a142-fa163e15d75b:155076
Download PDF

FortiView charts reference

The following provides descriptions of all FortiView charts.

User Dashboard

The User Dashboard displays the number of users/entities that fit into the following security categories:

  • Visited high risk websites
  • Infected by malware
  • Targeted by malware
  • Targeted by spam
  • Violated data loss rules
  • Used high-risk applications
  • Targeted by attacks
  • Attacked by protocol intrusion

You can click each category to view the list of users/entities affected. You can drill down further to view the list of incidents for each user/entity and the logs for each incident.

FSBP Dashboard

The FSBP Dashboard displays security rating results for the device in the following categories:

  • Overall Score
  • Maturity Milestones
  • Top Achievement
  • Top Todo
  • History Trend

The FSBP Dashboard is only available for devices that support the Security Rating feature.

Threats

Chart

Description

Top Threats

Lists the top threats to your network.

FortiGate Cloud considers the following incidents threats:

  • Risk applications detected by application control
  • Intrusion incidents detected by IPS
  • Malicious web sites detected by web filtering
  • Malware/botnets detected by antivirus (AV)

IPS

Lists intrusion incidents detected by IPS.

AntiVirus

Lists the malware/botnets detected by AV.

AntiSpam

Lists the spam detected by AntiSpam.

DLP & Archives

Lists the DLP and archives incidents.

Anomaly

Lists network anomalies.

Traffic Analysis

Chart

Description

Application

Displays the top applications used on the network including the application name, category, bandwidth (sent/received), sessions, and risk level.

Cloud Application

Displays the top cloud applications used on the network.

Source

Displays the highest network traffic by source IP address and name, bandwidth (sent/received), sessions, and risk level.

User

Displays the highest network traffic by user in terms of bandwidth sent/received, sessions, and risk level.

Destination

Displays the highest network traffic by destination IP addresses, the applications used to access the destination, bandwith sent/received, sessions, and risk level.

Interface

Displays the highest network traffic by interface in terms of bandwidth sent/received, traffic sessions. and risk level. You can view by source or destination interface.

Country

Displays the highest network traffic by country in terms of bandwidth sent/received, traffic sessions, and risk level. You can view by source or destination country.

Policy Hits

Lists the policy hits by policy, device name, VDOM, number of hits, bytes, and last used time and date.

Website

Chart

Description

Website

Displays the top allowed and blocked website domains on the network. You can also view by source. You can filter by threat level.

Web Category

Displays the top website categories. You can filter by threat level.

Browsing User/IP

Displays the top web-browsing users and their IP addresses by total browsing time duration. You can also view by category or domain. You can filter by threat level.

System Events

Chart

Description

System Activity

Displays events on the managed devices, their severity, and number of incidents. You can filter by user or severity level.

Admin Session

Displays the users who logged into managed devices, the number of configuration changes they performed, number of admin sessions, and their total duration of logged-in time. You can also view by login interface. You can filter by severity level.

Failed Login

Displays the users who failed to log into managed devices. You can also view by login interface. You can filter by severity level.

Wireless

Displays wireless events. You can filter by severity level.

VPN Events

Chart

Description

Site to Site

Displays the names of VPN tunnels with IPsec that are accessing the network.

SSL and Dialup

Displays the users who are accessing the network by using an SSL or IPsec VPN tunnel.

Failed VPN Login

Displays the users who failed to log in successfully via VPN.

FortiView charts reference

The following provides descriptions of all FortiView charts.

User Dashboard

The User Dashboard displays the number of users/entities that fit into the following security categories:

  • Visited high risk websites
  • Infected by malware
  • Targeted by malware
  • Targeted by spam
  • Violated data loss rules
  • Used high-risk applications
  • Targeted by attacks
  • Attacked by protocol intrusion

You can click each category to view the list of users/entities affected. You can drill down further to view the list of incidents for each user/entity and the logs for each incident.

FSBP Dashboard

The FSBP Dashboard displays security rating results for the device in the following categories:

  • Overall Score
  • Maturity Milestones
  • Top Achievement
  • Top Todo
  • History Trend

The FSBP Dashboard is only available for devices that support the Security Rating feature.

Threats

Chart

Description

Top Threats

Lists the top threats to your network.

FortiGate Cloud considers the following incidents threats:

  • Risk applications detected by application control
  • Intrusion incidents detected by IPS
  • Malicious web sites detected by web filtering
  • Malware/botnets detected by antivirus (AV)

IPS

Lists intrusion incidents detected by IPS.

AntiVirus

Lists the malware/botnets detected by AV.

AntiSpam

Lists the spam detected by AntiSpam.

DLP & Archives

Lists the DLP and archives incidents.

Anomaly

Lists network anomalies.

Traffic Analysis

Chart

Description

Application

Displays the top applications used on the network including the application name, category, bandwidth (sent/received), sessions, and risk level.

Cloud Application

Displays the top cloud applications used on the network.

Source

Displays the highest network traffic by source IP address and name, bandwidth (sent/received), sessions, and risk level.

User

Displays the highest network traffic by user in terms of bandwidth sent/received, sessions, and risk level.

Destination

Displays the highest network traffic by destination IP addresses, the applications used to access the destination, bandwith sent/received, sessions, and risk level.

Interface

Displays the highest network traffic by interface in terms of bandwidth sent/received, traffic sessions. and risk level. You can view by source or destination interface.

Country

Displays the highest network traffic by country in terms of bandwidth sent/received, traffic sessions, and risk level. You can view by source or destination country.

Policy Hits

Lists the policy hits by policy, device name, VDOM, number of hits, bytes, and last used time and date.

Website

Chart

Description

Website

Displays the top allowed and blocked website domains on the network. You can also view by source. You can filter by threat level.

Web Category

Displays the top website categories. You can filter by threat level.

Browsing User/IP

Displays the top web-browsing users and their IP addresses by total browsing time duration. You can also view by category or domain. You can filter by threat level.

System Events

Chart

Description

System Activity

Displays events on the managed devices, their severity, and number of incidents. You can filter by user or severity level.

Admin Session

Displays the users who logged into managed devices, the number of configuration changes they performed, number of admin sessions, and their total duration of logged-in time. You can also view by login interface. You can filter by severity level.

Failed Login

Displays the users who failed to log into managed devices. You can also view by login interface. You can filter by severity level.

Wireless

Displays wireless events. You can filter by severity level.

VPN Events

Chart

Description

Site to Site

Displays the names of VPN tunnels with IPsec that are accessing the network.

SSL and Dialup

Displays the users who are accessing the network by using an SSL or IPsec VPN tunnel.

Failed VPN Login

Displays the users who failed to log in successfully via VPN.