Managing event handlers – FortiAnalyzer – FortiOS 6.2.3
Managing event handlers To manage event handlers, go to Incidents & Events > Event Monitor > Event Handler List. FortiAnalyzer includes predefined event handlers that you can use to generate...
Events – FortiAnalyzer – FortiOS 6.2.3
Events After event handlers start generating events, view events and event details in Incidents & Events > Event Monitor. When rebuilding the SQL database, you might not see a complete list of...
Default event views – FortiAnalyzer – FortiOS 6.2.3
Default event views FortiAnalyzer event handlers apply one or more tags to events, allowing the events to be grouped into views in the Event Monitor. These views are visible in the left navigation...
Filtering events – FortiAnalyzer – FortiOS 6.2.3
Filtering events You can filter events using the Add Filter box in the toolbar or by right-clicking an entry and selecting a context-sensitive filter. Filter FortiView summaries using the Add Filter...
Viewing event details and Acknowledging Events – FortiAnalyzer
Viewing event details In an event list, to view event details, double-click an event line to drill down for more details. The event details page contains information about the event and a list of all...
Managing default views – FortiAnalyzer – FortiOS 6.2.3
Managing default views Default views in the By Endpoint, By Threat, and System Events view categories can be hidden, disabled, or copied as a custom view, allowing you to display only the views that...
Creating custom views – FortiAnalyzer – FortiOS 6.2.3
Creating custom views To create a custom view: Go to Incidents & Events. Select an existing view to copy. Select Add Filters to add any additional filters you want to include in the custom view....
Understanding event statuses – FortiAnalyzer – FortiOS 6.2.3
Understanding event statuses In the Event Monitor dashboards, you can view the status of an event in the Event Status column. Event statuses include Unhandled, Mitigated, Contained, and (blank). Event...
Subnet lists – FortiAnalyzer – FortiOS 6.2.3
Subnet lists In Incidents & Events, you can define subnet lists which can be added to subnet groups. Subnet lists and groups can be used to create a whitelist or blacklist in event handlers....
Incidents – FortiAnalyzer – FortiOS 6.2.3
Incidents To view incidents, go to Incidents & Events > Incidents > All Incidents. To configure incident settings, go to Incidents & Events > Incidents > Incident Settings. Raising...
SOC Monitoring – FortiAnalyzer – FortiOS 6.2.3
SOC Monitoring Use the Security Operations Center (SOC) to view Monitors and FortiView. Monitors are designed for network and security operation centers where dashboards are displayed across multiple...
FortiView – FortiAnalyzer – FortiOS 6.2.3
FortiView FortiView is a comprehensive monitoring system for your network that integrates real-time and historical data into a single view. It can log and monitor threats to networks, filter data on...
Using FortiView – FortiAnalyzer – FortiOS 6.2.3
Using FortiView Viewing FortiView dashboards When viewing FortiView dashboards, use the controls in the toolbar to select a device, specify a time period, refresh the view, and switch to full-screen...
Enabling and disabling SOC – FortiAnalyzer – FortiOS 6.2.3
Enabling and disabling SOC The FortiAnalyzer SOC module can be disabled for performance tuning through the CLI. When disabled, the GUI will hide the SOC modules as well as the FortiView and Monitors...
Reports – FortiAnalyzer – FortiOS 6.2.3
Reports You can generate data reports from logs by using the Reports feature. You can do the following: Use predefined reports. Predefined report templates, charts, and macros are available to help...
Creating reports – FortiAnalyzer – FortiOS 6.2.3
Creating reports You can create reports from report templates, by cloning and editing predefined/existing reports, or start from scratch. Creating reports from report templates You can create a new...
Managing reports – FortiAnalyzer – FortiOS 6.2.3
Managing reports You can manage reports by going to Reports > Report Definitions > All Reports. Some options are available as buttons on the toolbar. Some options are available in the right-click...
FortiAnalyzer – FortiOS 6.2.3 – Chart library
Chart library Use the Chart library to create, edit, and manage your charts. In a Security Fabric ADOM, you can insert charts from all device types into a single report. Creating charts To create...
FortiAnalyzer – FortiOS 6.2.3 – Macro library
Macro library Use the Macro library to create, edit, and manage your macros. Creating macros FortiAnalyzer includes a number of predefined macros. You can also create new macros, or clone and edit...
FortiAnalyzer – FortiOS 6.2.3 – Datasets
Datasets Use the Datasets pane to create, edit, and manage your datasets. Creating datasets FortiAnalyzer datasets are collections of data from logs for monitored devices. Charts and macros reference...