Reports
Reports provide a clear, concise overview of what is happening on your network based on log data, and can be customized to serve different purposes. There are three types of reports supported by the FortiGate: FortiOS Reports, FortiCloud Reports, and FortiAnalyzer Reports.
FortiOS Reports are generated and configured on the FortiGate unit itself, FortiCloud Reports are created and configured on the FortiCloud site and mirrored to the connected FortiGate for viewing, and FortiAnalyzer reports Best practices: Log management
are created and configured on a FortiAnalyzer unit. For more information about those reports, see the FortiAnalyzer Administration Guide.
In order to create FortiOS Reports on a device, disk logging must be enabled. Not all devices are capable of disk logging; check the Feature Matrix to see if your unit has a hard disk. Once disk logging has been enabled, Local Reports can then be enabled in System > Feature Visibility in order to view and edit reports.
What are FortiOS reports?
FortiOS reports are created from logs stored on the FortiGate unit’s hard drive. These reports, generated by the FortiGate unit itself, provide a central overview of traffic and security features on the FortiGate. A default FortiOS report, called the FortiGate Security Feature Daily Activity Report, is available for you to use or modify to your requirements. The default report compiles security feature activity from various security-related logs, such as virus and attack logs. You can quickly and easily create your own report from within the management interface.
What you can do with the default FortiOS report
On the Log & Report > Local Reports page, you can set the frequency and timing of auto-generated reports.
You can select Run Nowon the Local Reports page to immediately create a report with the current layout and design. More complex reports may take longer to generate. After generating a report, you can view it by selecting it from the list below Run Now.
Historical reports will be marked as ‘Scheduled’ if created automatically, or ‘On Demand’ if created by selecting
Run Now.
What are FortiCloud reports?
FortiCloud reports are created from logs stored on the FortiCloud log management service. An active FortiCloud
Service Subscription is required in order to view, configure, or use these reports. They are generated by
FortiCloud according to a schedule you set, and then mirrored to the FortiGate interface and can be viewed at Log & Report > FortiCloud Reports, which may not appear in the interface until a report is created. If you wish to configure the report design or structure, you will have to do so from the FortiCloud portal website.
See the FortiCloud Administration Guide for more information about using and configuring FortiCloud reports.
My local reports are highly inaccurate in terms of bandwidth counts. I ran some bandwidth tests, peaking at around 600Mb up/down. Fortigate local reports say peak of 80Mb. Also tested downloads, totaled around around 280GB in data. Fortigate local report says about 100GB total. Does SSL encryption throw off data transfer information? The download tests were mostly encrypted, but I would think, at least, the speed test would be accurate.