Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiGate / FortiOS 6.4.5 Administration Guide
    6.4.5
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0

    FortiView from disk

    FortiView from disk

    FortiView from disk is available on all FortiGates with an SSD disk.

    Restrictions

    Model

    Supported view

    Desktop models (100 series) with SSD

    Five minutes and one hour

    Medium models with SSD

    Up to 24 hours

    Large models (1500D and above) with SSD

    Up to seven days

    To enable seven days view:

    config log setting
    set fortiview-weekly-data enable
end

    Configuration

    A firewall policy needs to be in place with traffic logging enabled. For optimal operation with FortiView, internal interface roles should be clearly defined as LAN. DMZ and internet facing or external interface roles should be defined as WAN.

    To configure logging to disk in the GUI:
    1. Enable disk logging from the FortiGate GUI.
      1. Go to Log & Report > Log Settings > Local Traffic Log.
      2. Select the checkbox next to Disk.
    2. Enable historical FortiView from the FortiGate GUI.
      1. Go to Log & Report > Log Settings > Local Traffic Log.
      2. Select the checkbox next to Enable Historical FortiView.

    3. Click Apply.
    To include sniffer traffic and local-deny traffic when FortiView from Disk:

    config report setting

    set report-source forward-traffic sniffer-traffic local-deny-traffic

    end

    This feature is only supported through the CLI.

    To configure the data source in the GUI:
    1. Go to Dashboard > FortiView Sources.
    2. Select a time range other than now from the drop-down list to view historical data.
    3. In the top menu, click the dropdown, and select Settings. The Edit Dashboard Widget window opens.
      1. In the Data Source area, click Specify.
      2. From the dropdown, select Disk, then click OK.

      For information see, FortiView interface.

    Troubleshooting

    Use execute report flush-cache and execute report recreate-db to clear up any irregularities that may be caused by upgrading or cache issues.

    Previous
    Next

    FortiView from disk

    FortiView from disk

    FortiView from disk is available on all FortiGates with an SSD disk.

    Restrictions

    Model

    Supported view

    Desktop models (100 series) with SSD

    Five minutes and one hour

    Medium models with SSD

    Up to 24 hours

    Large models (1500D and above) with SSD

    Up to seven days

    To enable seven days view:

    config log setting
    set fortiview-weekly-data enable
end

    Configuration

    A firewall policy needs to be in place with traffic logging enabled. For optimal operation with FortiView, internal interface roles should be clearly defined as LAN. DMZ and internet facing or external interface roles should be defined as WAN.

    To configure logging to disk in the GUI:
    1. Enable disk logging from the FortiGate GUI.
      1. Go to Log & Report > Log Settings > Local Traffic Log.
      2. Select the checkbox next to Disk.
    2. Enable historical FortiView from the FortiGate GUI.
      1. Go to Log & Report > Log Settings > Local Traffic Log.
      2. Select the checkbox next to Enable Historical FortiView.

    3. Click Apply.
    To include sniffer traffic and local-deny traffic when FortiView from Disk:

    config report setting

    set report-source forward-traffic sniffer-traffic local-deny-traffic

    end

    This feature is only supported through the CLI.

    To configure the data source in the GUI:
    1. Go to Dashboard > FortiView Sources.
    2. Select a time range other than now from the drop-down list to view historical data.
    3. In the top menu, click the dropdown, and select Settings. The Edit Dashboard Widget window opens.
      1. In the Data Source area, click Specify.
      2. From the dropdown, select Disk, then click OK.

      For information see, FortiView interface.

    Troubleshooting

    Use execute report flush-cache and execute report recreate-db to clear up any irregularities that may be caused by upgrading or cache issues.

    Previous
    Next