Events – FortiAnalyzer – FortiOS 6.2.3

Events

After event handlers start generating events, view events and event details in Incidents & Events > Event Monitor.

When rebuilding the SQL database, you might not see a complete list of historical events. However, you can always see events in real-time logs. You can view the status of the SQL rebuild by checking the Rebuilding DB status in the Notification Center.

All Events

To view all the events, go to Incidents & Events > Event Monitor > All Events.

Double-click an event line to drill down for more details.

Hover your mouse over an entry to view the asset and identity information for that event.

Devices: To view events for specific devices, click the devices dropdown and select a device.
Time Period: To change the time period to display, click the time icon and specify a time period. Select Custom to specify a time period not in the dropdown list.
Collapse All/Expand All: To view event summaries or details, click Collapse All or Expand All.
Show Acknowledged: To include acknowledged events, click Show Acknowledged. See Acknowledging events on page 77.
Refresh: To manually refresh the events data, click Refresh. You can specify a refresh interval of Every 10 Seconds, Every 30 Seconds, Every 1 Minute, or Every 5 Minutes.
Export to CSV: Download the events to a CSV file.
Custom View: Save the current view including filter settings, device selection, and time period.
Column Settings: Select which columns are displayed in the All Events pane. Columns not displayed by default include Acknowledged, Comment, Device ID, Device Name, Device Type, Event ID, HandlerDescription, Last Occurrence, Tags, and VDOM Name.
