Fortinet black logo

Administration Guide

Seven-day rolling counter for policy hit counters

Seven-day rolling counter for policy hit counters

Instead of storing a single number for the hit count and byte count collected since the inception of each policy, seven numbers for the last seven days and an active counter for the current day are stored. The past seven-day hit count is displayed in the policy list and policy pages. A seven-day bar chart shows statistics on each policy page. This feature is currently supported in firewall and multicast policies, but not security policies.

To view the rolling counter information in the GUI:
  1. Go to Policy & Objects > Firewall Policy or Policy & Objects > Multicast Policy.
  2. Select a policy and hover over the Bytes, Packets, or Hit Count values to view the tooltip with the corresponding traffic statistics and bar graph (this example uses firewall policies).

  3. Click Edit. The policy traffic statistics appear in the right-hand side of the page.
  4. Use the dropdowns to filter the bar graph data by counter (Bytes, Packets, or Hit Count) and policy type (IPv4, IPv6, or IPv4 + IPv6).

  5. Optionally, click Clear Counters to delete the traffic statistics for the policy.
  6. Click OK.
To view the rolling counter information in the CLI:
# diagnose firewall iprope show 100004 2
idx=2 pkts/bytes=14709/18777329 asic_pkts/asic_bytes=8087/10413737 nturbo_pkts/nturbo_bytes=8087/10413737 flag=0x0 hit count:19 (4 7 0 1 1 3 3 0)
    first:2021-03-02 17:09:00 last:2021-03-08 17:23:40
 established session count:0
    first est:2021-03-02 17:11:20 last est:2021-03-08 17:23:40
# diagnose firewall iprope6 show 100004 2
idx=2 pkts/bytes=15698/19307164 asic_pkts/asic_bytes=7006/8578911 nturbo_pkts/nturbo_bytes=7006/8578911 flag=0x0 hit count:19 (4 7 0 1 3 2 2 0)
    first:2021-03-02 17:10:32 last:2021-03-08 17:23:33
 established session count:0
    first est:2021-03-02 17:11:43 last est:2021-03-08 17:23:33

Seven-day rolling counter for policy hit counters

Instead of storing a single number for the hit count and byte count collected since the inception of each policy, seven numbers for the last seven days and an active counter for the current day are stored. The past seven-day hit count is displayed in the policy list and policy pages. A seven-day bar chart shows statistics on each policy page. This feature is currently supported in firewall and multicast policies, but not security policies.

To view the rolling counter information in the GUI:
  1. Go to Policy & Objects > Firewall Policy or Policy & Objects > Multicast Policy.
  2. Select a policy and hover over the Bytes, Packets, or Hit Count values to view the tooltip with the corresponding traffic statistics and bar graph (this example uses firewall policies).

  3. Click Edit. The policy traffic statistics appear in the right-hand side of the page.
  4. Use the dropdowns to filter the bar graph data by counter (Bytes, Packets, or Hit Count) and policy type (IPv4, IPv6, or IPv4 + IPv6).

  5. Optionally, click Clear Counters to delete the traffic statistics for the policy.
  6. Click OK.
To view the rolling counter information in the CLI:
# diagnose firewall iprope show 100004 2
idx=2 pkts/bytes=14709/18777329 asic_pkts/asic_bytes=8087/10413737 nturbo_pkts/nturbo_bytes=8087/10413737 flag=0x0 hit count:19 (4 7 0 1 1 3 3 0)
    first:2021-03-02 17:09:00 last:2021-03-08 17:23:40
 established session count:0
    first est:2021-03-02 17:11:20 last est:2021-03-08 17:23:40
# diagnose firewall iprope6 show 100004 2
idx=2 pkts/bytes=15698/19307164 asic_pkts/asic_bytes=7006/8578911 nturbo_pkts/nturbo_bytes=7006/8578911 flag=0x0 hit count:19 (4 7 0 1 3 2 2 0)
    first:2021-03-02 17:10:32 last:2021-03-08 17:23:33
 established session count:0
    first est:2021-03-02 17:11:43 last est:2021-03-08 17:23:33