Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiPAM 1.4.1 Administration Guide
    1.4.1
    1.4.1
    1.4.0
    1.3.0
    1.2.0
    1.1.2
    1.1.1
    1.1.0
    1.0.3
    1.0.2
    1.0.1
    1.0.0

    Events

    Events

    The following two tabs are available in Events:

    • Summary

      The Summary tab displays the top five most frequent events in each type of event log and a line chart to show aggregated events by each severity level. Clicking on a peak in the line chart will display the specific event count for the selected severity level.

      There is an option for the line chart to change the time filter in which the events occurred, from 5 minutes to 7 days.

      The System Events log contains events such as:

      • Upgrade and downgrade of the system

      • Change of system configuration, such as timezone and FortiPAM recording settings

      • Deletion of outdated video files

      • Report generation

      • Reload of AntiVirus database

        And more.

      The User Events log contains events such as:

      • IP address and time when the user logs in or logs out

      • Login failure reason

      • User login as a normal user or API user

        And more.

      The HA Events log contains events such as:

      • Change in HA clusters

      • Synchronization status with the HA peers

        And more.

      The following options and widgets are available in the Summary tab:

      Log location

      Logs sourced from the FortiPAM disk only.
      Time frame

      From the dropdown, select from the following time filters:

      • 5 minutes

      • 1 hour

      • 24 hours

      • 7 days

      System Events

      Top system events by count.

      User Events

      Top user events by count.

      HA Events

      Top HA events by count.

      In System Events, User Events, or HA Events widgets, select an event to open the corresponding details tab with all the logs for the event listed in a table.
    • Details

      The tab displays the related information of each log for a specific event type. The event type can be toggled with the event type dropdown located right of the search bar. Different filters can be added, such as date/time to filter logs in a time range.

      The following options are available in the Details tab:

      Refresh

      To refresh the contents, click the refresh icon.

      Export

      From the Export dropdown, select to export the logs in the following three formats:

      • JSON: Export the selected log to your computer as a JSON file

      • CSV: Export the selected log to your computer as a CSV file

      • TEXT: Export the selected log to your computer as a text file

      +Add Filter

      From the dropdown, select a filter, select or add additional details about the filter to be used and hit Enter.

      Note: Logs can be filtered by date and time. The log viewer can be filtered with a custom range or with specific time frames.

      Time frame settings for each Log & Report page are independent. For example, changing the time frame on the System Events page does not automatically change the time frame on the User Events and HA Events pages.

      System Events

      From the dropdown, select from the following event types to display:

      • System Events

      • User Events

      • HA Events

      Log location

      Select a source from where to retrieve logs:

      • Disk (default) (FortiPAM)

      • FortiAnalyzer

      Time frame

      From the dropdown, select from the following time filters:

      • 5 minutes

      • 1 hour

      • 24 hours

      • 7 days

      • Custom

      • View All

      Custom filter

      1. From the dropdown, select Custom.
      2. Click the search bar.
      3. Select <=, >=, or A-B (date and time range).
      4. Depending on your selection in step 3, enter a date and time or a date and time range.
      5. Hit Enter.

      Details

      Select a log entry and then select Details to see more information about the log.

    Previous
    Next

    Events

    Events

    The following two tabs are available in Events:

    • Summary

      The Summary tab displays the top five most frequent events in each type of event log and a line chart to show aggregated events by each severity level. Clicking on a peak in the line chart will display the specific event count for the selected severity level.

      There is an option for the line chart to change the time filter in which the events occurred, from 5 minutes to 7 days.

      The System Events log contains events such as:

      • Upgrade and downgrade of the system

      • Change of system configuration, such as timezone and FortiPAM recording settings

      • Deletion of outdated video files

      • Report generation

      • Reload of AntiVirus database

        And more.

      The User Events log contains events such as:

      • IP address and time when the user logs in or logs out

      • Login failure reason

      • User login as a normal user or API user

        And more.

      The HA Events log contains events such as:

      • Change in HA clusters

      • Synchronization status with the HA peers

        And more.

      The following options and widgets are available in the Summary tab:

      Log location

      Logs sourced from the FortiPAM disk only.
      Time frame

      From the dropdown, select from the following time filters:

      • 5 minutes

      • 1 hour

      • 24 hours

      • 7 days

      System Events

      Top system events by count.

      User Events

      Top user events by count.

      HA Events

      Top HA events by count.

      In System Events, User Events, or HA Events widgets, select an event to open the corresponding details tab with all the logs for the event listed in a table.
    • Details

      The tab displays the related information of each log for a specific event type. The event type can be toggled with the event type dropdown located right of the search bar. Different filters can be added, such as date/time to filter logs in a time range.

      The following options are available in the Details tab:

      Refresh

      To refresh the contents, click the refresh icon.

      Export

      From the Export dropdown, select to export the logs in the following three formats:

      • JSON: Export the selected log to your computer as a JSON file

      • CSV: Export the selected log to your computer as a CSV file

      • TEXT: Export the selected log to your computer as a text file

      +Add Filter

      From the dropdown, select a filter, select or add additional details about the filter to be used and hit Enter.

      Note: Logs can be filtered by date and time. The log viewer can be filtered with a custom range or with specific time frames.

      Time frame settings for each Log & Report page are independent. For example, changing the time frame on the System Events page does not automatically change the time frame on the User Events and HA Events pages.

      System Events

      From the dropdown, select from the following event types to display:

      • System Events

      • User Events

      • HA Events

      Log location

      Select a source from where to retrieve logs:

      • Disk (default) (FortiPAM)

      • FortiAnalyzer

      Time frame

      From the dropdown, select from the following time filters:

      • 5 minutes

      • 1 hour

      • 24 hours

      • 7 days

      • Custom

      • View All

      Custom filter

      1. From the dropdown, select Custom.
      2. Click the search bar.
      3. Select <=, >=, or A-B (date and time range).
      4. Depending on your selection in step 3, enter a date and time or a date and time range.
      5. Hit Enter.

      Details

      Select a log entry and then select Details to see more information about the log.

    Previous
    Next