Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiGate Cloud 25.4.0 Administration Guide
    25.4.0
    26.1.a
    26.1.0
    25.4.a
    25.4.0

    Incidents

    Incidents

    The Analytics > Incidents & Events > Incidents page displays all incidents created to track and analyze events.

    Charts at the top of the page display:

    Chart

    Description

    Severity

    Displays the total number of incidents and the number of incidents for each severity:

    • Low

    • Medium

    • High

    • Critical

    Click the chart to filter the page. Click the Filter icon beside Severity to remove the filter.

    Status

    Displays the total number of incidents and the number of incidents for each status:

    • Analysis

    • Response

    • Closed (Remediated)

    • Closed (False Positive)

    • Not Assigned

    Click the chart to filter the page. Click the Filter icon beside Status to remove the filter.

    Category

    Displays the total number of incidents and the number of incidents per category:

    • Unauthorized Access

    • Denial of Service

    • Malicious Code

    • Improper Usage

    • Scans/Probes/Attempted Access

    • Uncategorized

    Click the chart to filter the page. Click the Filter icon beside Category to remove the filter.

    Hover the mouse over a column heading to display:

    • Configure Table icon: Click to choose which columns to display in the table.

    • Filter icon: Click to access filter options for the column. May not be available for all columns.

    To view incident analysis:

    1. Go to Analytics > Incidents & Events > Incidents.

    2. Select an incident and click Analysis.

      A summary of the incident is displayed as well as the associated event(s).

    3. When done, click Back.

    To edit an incident:

    1. Go to Analytics > Incidents & Events > Incidents.

    2. Select an incident and click Edit.

    3. Edit the following options, and click OK:

      • Name

      • Incident Category

      • Severity

      • Status

      • Description

      • Assigned To

    Previous
    Next

    Incidents

    Incidents

    The Analytics > Incidents & Events > Incidents page displays all incidents created to track and analyze events.

    Charts at the top of the page display:

    Chart

    Description

    Severity

    Displays the total number of incidents and the number of incidents for each severity:

    • Low

    • Medium

    • High

    • Critical

    Click the chart to filter the page. Click the Filter icon beside Severity to remove the filter.

    Status

    Displays the total number of incidents and the number of incidents for each status:

    • Analysis

    • Response

    • Closed (Remediated)

    • Closed (False Positive)

    • Not Assigned

    Click the chart to filter the page. Click the Filter icon beside Status to remove the filter.

    Category

    Displays the total number of incidents and the number of incidents per category:

    • Unauthorized Access

    • Denial of Service

    • Malicious Code

    • Improper Usage

    • Scans/Probes/Attempted Access

    • Uncategorized

    Click the chart to filter the page. Click the Filter icon beside Category to remove the filter.

    Hover the mouse over a column heading to display:

    • Configure Table icon: Click to choose which columns to display in the table.

    • Filter icon: Click to access filter options for the column. May not be available for all columns.

    To view incident analysis:

    1. Go to Analytics > Incidents & Events > Incidents.

    2. Select an incident and click Analysis.

      A summary of the incident is displayed as well as the associated event(s).

    3. When done, click Back.

    To edit an incident:

    1. Go to Analytics > Incidents & Events > Incidents.

    2. Select an incident and click Edit.

    3. Edit the following options, and click OK:

      • Name

      • Incident Category

      • Severity

      • Status

      • Description

      • Assigned To

    Previous
    Next