Fortinet black logo

User Guide

Home FortiPortal 7.0.1 User Guide
7.0.1
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.3.8
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.0
5.2.0
4.1.0

Logs

Logs

The Logs tab in Insights displays information about the security event logs. It contains filters and controls that allow you to group the event logs in different ways, and to drill down and view the details of a related set of event logs.

The following action buttons are available in the top pane:

  • Traffic/Intrusion Prevention/Sandbox/Antivirus/DNS/Application Control/Web Filter/Event—view the event logs grouped by:
    • Application
    • Attack
    • Sandbox
    • Antivirus
    • Domain names
    • Application control
    • Web filter
    • Event
  • Scope—view output for all sites or select a specific site.
  • Set Filter—filter the data (Last 5 minutes, Last 30 minutes, Last 60 minutes, Last N minutes, Last 4 hours, Last 12 hours, Last N hours, Last 1 day, Last 7 days, Last N days, Last N months, or Specify).

    When you set the filter to last N Minutes/Hours/Days/Months, a search box appears next to Set Filter. Enter a value for N and click the Search icon to apply this filter.

    The table for your log is updated according to your selection in Set Filter and the value entered in the N search box.

    Previously selected time range in Dashboard, Monitors, or SD-WAN Monitoring is automatically applied to Logs.

    You can specify a custom time range and save it as a time selector. The custom time range is preserved between organizations.
  • Export to CSV—export the log view information as a CSV file.
  • Refresh—refresh the data.
  • Add Filter—add a filter to narrow down the search.

    Double-click a field in any View table to add the field as a filter. You can combine multiple filters to narrow down your search.
  • Settings—opens the Column Settings dialog. Select columns from the list to display.
  • Sort—Some columns have a sorting feature, allowing you to sort data in ascending or descending order.

A dropdown list at the bottom allows for selecting the number of entries to display per page.

You can use < and > buttons on the bottom right for page navigation, or you can select the page number directly to go to the page.

The following tabs provide different views of the data:

  • Traffic—arranged by application. See Traffic.
  • Intrusion Prevention—arranged by attack. See Intrusion Prevention.
  • Sandbox—arranged by sandbox. See Sandbox.
  • Antivirus—arranged by antivirus. See Antivirus.
  • DNS—arranged by domain names. See DNS.
  • Application Control—arranged by application control. See Application Control.
  • Web Filter—arranged by web filters. See Web Filter.
  • Event—arranged by events. See Event.
Previous
Next

Logs

The Logs tab in Insights displays information about the security event logs. It contains filters and controls that allow you to group the event logs in different ways, and to drill down and view the details of a related set of event logs.

The following action buttons are available in the top pane:

  • Traffic/Intrusion Prevention/Sandbox/Antivirus/DNS/Application Control/Web Filter/Event—view the event logs grouped by:
    • Application
    • Attack
    • Sandbox
    • Antivirus
    • Domain names
    • Application control
    • Web filter
    • Event
  • Scope—view output for all sites or select a specific site.
  • Set Filter—filter the data (Last 5 minutes, Last 30 minutes, Last 60 minutes, Last N minutes, Last 4 hours, Last 12 hours, Last N hours, Last 1 day, Last 7 days, Last N days, Last N months, or Specify).

    When you set the filter to last N Minutes/Hours/Days/Months, a search box appears next to Set Filter. Enter a value for N and click the Search icon to apply this filter.

    The table for your log is updated according to your selection in Set Filter and the value entered in the N search box.

    Previously selected time range in Dashboard, Monitors, or SD-WAN Monitoring is automatically applied to Logs.

    You can specify a custom time range and save it as a time selector. The custom time range is preserved between organizations.
  • Export to CSV—export the log view information as a CSV file.
  • Refresh—refresh the data.
  • Add Filter—add a filter to narrow down the search.

    Double-click a field in any View table to add the field as a filter. You can combine multiple filters to narrow down your search.
  • Settings—opens the Column Settings dialog. Select columns from the list to display.
  • Sort—Some columns have a sorting feature, allowing you to sort data in ascending or descending order.

A dropdown list at the bottom allows for selecting the number of entries to display per page.

You can use < and > buttons on the bottom right for page navigation, or you can select the page number directly to go to the page.

The following tabs provide different views of the data:

  • Traffic—arranged by application. See Traffic.
  • Intrusion Prevention—arranged by attack. See Intrusion Prevention.
  • Sandbox—arranged by sandbox. See Sandbox.
  • Antivirus—arranged by antivirus. See Antivirus.
  • DNS—arranged by domain names. See DNS.
  • Application Control—arranged by application control. See Application Control.
  • Web Filter—arranged by web filters. See Web Filter.
  • Event—arranged by events. See Event.
Previous
Next