Fortinet black logo

Administration Guide

Threats by Hosts - level 1

Copy Link
Copy Doc ID af12b5b0-1c45-11ea-9384-00505692583a:967181
Download PDF

Threats by Hosts - level 1

The following options are available:

Time Period

Select the time period from the dropdown list. Select one of the following: 24 Hours, 7 Days, or 4 Weeks.

Export Data

Click the Export Data button to create a PDF or CSV snapshot report. You can wait till the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page.

Search

Show or hide the search filter field.

Refresh

Click the refresh icon to refresh the entries displayed after applying search filters.

Add Search Filter

Click the Search Filter field to add search filters. Click the Cancel icon to the left of the search filter to remove the specific filter. Click the Clear All Filters icon in the search filter field to clear all filters.

In this page, the threat target host or user name can be the search criteria. You can input a partial value to search all records that contain it.

Search filters can be used to filter the information displayed in the GUI.

View Job

Click the View Jobs icon to drill down the entry.

Pagination

Use the pagination options to browse entries displayed.

This page displays the following information:

Host/Username

The device and username that is the target of threats. Click the column header to sort the table by this column.

Note: A duplicate user name or host from a different VDOM is considered a different user.

Device Name

The device name. Click the column header to sort the table by this column.

# of Malicious Files

The number of unique malicious files associated with the user for the time period selected. Click the column header to sort the table by this column.

# of Suspicious Files

The number of unique suspicious files associated with the user for the time period selected. Click the column header to sort the table by this column.

# of Network Threats

The number of unique network threats (attacker, botnet, and suspicious URL events) associated with the user for the time period selected. Click the column header to sort the table by this column.

Timeline

View the Threat Timeline Chart. When you click on any dot in the chart, all events associated will be displayed. When you click on an event, the View Details page will open.

Total Host

The number of hosts displayed and total number of hosts.

Threats by Hosts - level 1

The following options are available:

Time Period

Select the time period from the dropdown list. Select one of the following: 24 Hours, 7 Days, or 4 Weeks.

Export Data

Click the Export Data button to create a PDF or CSV snapshot report. You can wait till the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page.

Search

Show or hide the search filter field.

Refresh

Click the refresh icon to refresh the entries displayed after applying search filters.

Add Search Filter

Click the Search Filter field to add search filters. Click the Cancel icon to the left of the search filter to remove the specific filter. Click the Clear All Filters icon in the search filter field to clear all filters.

In this page, the threat target host or user name can be the search criteria. You can input a partial value to search all records that contain it.

Search filters can be used to filter the information displayed in the GUI.

View Job

Click the View Jobs icon to drill down the entry.

Pagination

Use the pagination options to browse entries displayed.

This page displays the following information:

Host/Username

The device and username that is the target of threats. Click the column header to sort the table by this column.

Note: A duplicate user name or host from a different VDOM is considered a different user.

Device Name

The device name. Click the column header to sort the table by this column.

# of Malicious Files

The number of unique malicious files associated with the user for the time period selected. Click the column header to sort the table by this column.

# of Suspicious Files

The number of unique suspicious files associated with the user for the time period selected. Click the column header to sort the table by this column.

# of Network Threats

The number of unique network threats (attacker, botnet, and suspicious URL events) associated with the user for the time period selected. Click the column header to sort the table by this column.

Timeline

View the Threat Timeline Chart. When you click on any dot in the chart, all events associated will be displayed. When you click on an event, the View Details page will open.

Total Host

The number of hosts displayed and total number of hosts.