Fortinet white logo
Fortinet white logo

Administration Guide

7.4.0

Network events

Network events

The Network Events view displays the contents of the connection log: a list of historical host/user network events.

When the total number of records from Port Changes and Network Events views exceeds 100K, the oldest 20K entries (Port Changes and/or Network Events) are archived. Table size is not modifiable.

To access the Network Events view, select Network > Network events.

Filter/Configure Column

Each column header has a filter option. To filter:

  1. Hover over the column header to reveal the filter icon.

  2. Click the icon.

  3. Set desired filter criteria.

  4. Click Apply.

Settings

Field

Definition

Timestamp

Date/time of the logged event

Event Type

Name of the event (adapter connected, adapter disconnected, etc.).

IP Address

IP address of the device that made the connection.

MAC Address

MAC address of the host or device that made the connection.

Type

Indicates whether the host is Registered or a Rogue.

Location

Current or last known location of the device that made the connection.

Logical Network

VLAN associated with network event (if any).

Net ID

Used to store data such as vlanID, vlanName, whatever relevant info we may have access to (will vary based on event).

CLI Config Name

Name of CLI Configuration used (if any).

Radius

Flag to indicate if event is Radius or not.

Radius Attribute Default Group

Empty if not radius, otherwise shows the Attribute Default Group name.

Radius Attribute Logical Network Group

Empty if not radius, otherwise shows the Logical Network Group name.

Buttons

Details

Shows verbose debug information for Network Events if enabled via the global options table. To enable, add an option with a key "networkSession.captureSnapshots" and a value "true".

Network sessions

Shows information of associated Network Sessions (previously Fortigate Sessions).

Toggle

Filter Child Records

If enabled, this toggle will apply configured column filters to all child records as well as parent records.

Network events

Network events

The Network Events view displays the contents of the connection log: a list of historical host/user network events.

When the total number of records from Port Changes and Network Events views exceeds 100K, the oldest 20K entries (Port Changes and/or Network Events) are archived. Table size is not modifiable.

To access the Network Events view, select Network > Network events.

Filter/Configure Column

Each column header has a filter option. To filter:

  1. Hover over the column header to reveal the filter icon.

  2. Click the icon.

  3. Set desired filter criteria.

  4. Click Apply.

Settings

Field

Definition

Timestamp

Date/time of the logged event

Event Type

Name of the event (adapter connected, adapter disconnected, etc.).

IP Address

IP address of the device that made the connection.

MAC Address

MAC address of the host or device that made the connection.

Type

Indicates whether the host is Registered or a Rogue.

Location

Current or last known location of the device that made the connection.

Logical Network

VLAN associated with network event (if any).

Net ID

Used to store data such as vlanID, vlanName, whatever relevant info we may have access to (will vary based on event).

CLI Config Name

Name of CLI Configuration used (if any).

Radius

Flag to indicate if event is Radius or not.

Radius Attribute Default Group

Empty if not radius, otherwise shows the Attribute Default Group name.

Radius Attribute Logical Network Group

Empty if not radius, otherwise shows the Logical Network Group name.

Buttons

Details

Shows verbose debug information for Network Events if enabled via the global options table. To enable, add an option with a key "networkSession.captureSnapshots" and a value "true".

Network sessions

Shows information of associated Network Sessions (previously Fortigate Sessions).

Toggle

Filter Child Records

If enabled, this toggle will apply configured column filters to all child records as well as parent records.