Reports – FortiOS 6

Reports

Reports provide a clear, concise overview of what is happening on your network based on log data, and can be customized to serve different purposes. There are three types of reports supported by the FortiGate: FortiOS Reports, FortiCloud Reports, and FortiAnalyzer Reports.

FortiOS Reports are generated and configured on the FortiGate unit itself, FortiCloud Reports are created and configured on the FortiCloud site and mirrored to the connected FortiGate for viewing, and FortiAnalyzer reports Best practices: Log management

are created and configured on a FortiAnalyzer unit. For more information about those reports, see the FortiAnalyzer Administration Guide.

In order to create FortiOS Reports on a device, disk logging must be enabled. Not all devices are capable of disk logging; check the Feature Matrix to see if your unit has a hard disk. Once disk logging has been enabled, Local Reports can then be enabled in System > Feature Visibility in order to view and edit reports.

What are FortiOS reports?

FortiOS reports are created from logs stored on the FortiGate unit’s hard drive. These reports, generated by the FortiGate unit itself, provide a central overview of traffic and security features on the FortiGate. A default FortiOS report, called the FortiGate Security Feature Daily Activity Report, is available for you to use or modify to your requirements. The default report compiles security feature activity from various security-related logs, such as virus and attack logs. You can quickly and easily create your own report from within the management interface.

What you can do with the default FortiOS report

On the Log & Report > Local Reports page, you can set the frequency and timing of auto-generated reports.

You can select Run Nowon the Local Reports page to immediately create a report with the current layout and design. More complex reports may take longer to generate. After generating a report, you can view it by selecting it from the list below Run Now.

Historical reports will be marked as ‘Scheduled’ if created automatically, or ‘On Demand’ if created by selecting

Run Now.

What are FortiCloud reports?

FortiCloud reports are created from logs stored on the FortiCloud log management service. An active FortiCloud

Service Subscription is required in order to view, configure, or use these reports. They are generated by

FortiCloud according to a schedule you set, and then mirrored to the FortiGate interface and can be viewed at Log & Report > FortiCloud Reports, which may not appear in the interface until a report is created. If you wish to configure the report design or structure, you will have to do so from the FortiCloud portal website.

See the FortiCloud Administration Guide for more information about using and configuring FortiCloud reports.

This entry was posted in Administration Guides, Fortinet, FortiOS 6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

One thought on “Reports – FortiOS 6

  1. TJ

    My local reports are highly inaccurate in terms of bandwidth counts. I ran some bandwidth tests, peaking at around 600Mb up/down. Fortigate local reports say peak of 80Mb. Also tested downloads, totaled around around 280GB in data. Fortigate local report says about 100GB total. Does SSL encryption throw off data transfer information? The download tests were mostly encrypted, but I would think, at least, the speed test would be accurate.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.