Widgets – FortiAnalyzer – FortiOS 6.2.3

System Settings

System Resources widget

The System Resources widget displays the usage status of the CPUs, memory, and hard disk. You can view system resource information in real-time or historical format, as well as average or individual CPU usage.

On VMs, warning messages are displayed if the amount of memory or the number of CPUs assigned are too low, or if the allocated hard drive space is less than the licensed amount. These warnings are also shown in the notification list (see GUI overview on page 12). Clicking on a warning opens the FortiAnalyzer VM Install Guide.

To toggle between real-time and historical data, click Edit in the widget toolbar, select Historical or Real-time, edit the other settings as required, then click OK.

To view individual CPU usage, from the Real-Time display, click on the CPU chart. To go back to the standard view, click the chart again.

License Information widget

The License Information widget displays the number of devices connected to the FortiAnalyzer.

VM License VM license information and status.

Click the upload license button to upload a new VM license file.

This field is only visible for FortiAnalyzer VM.

The Duplicate status appears when users try to upload a license that is already in use. Additionally, the following message will be displayed in the Notifications: Duplicate License has been found! Your VM license will expire in XX hours (Grace time: 24 hours)

Users will have 24 hours to upload a valid license before the duplicate license is blocked.

Logging  
Device/VDOMs The total number of devices and VDOMs connected to the FortiAnalyzer and the total number of device and VDOM licenses.
GB/Day The gigabytes per day of logs allowed and used for this FortiAnalyzer. Click the show details button to view the GB per day of logs used for the previous 6 days. The GB/Day log volume can be viewed per ADOM through the CLI using: diagnose fortilogd logvol-adom <name>.
VM Storage The amount of VM storage used and remaining. This field is only visible for FortiAnalyzer VM.
Storage Connector Service The cloud storage license status.

Displays usage statistics as well as the license expiration date when a valid license is present.

Click the purchase button to go to the Fortinet Customer Service & Support website, where you can purchase a license.

FortiGuard  
Indicators of Compromise Service The license status.

Click the purchase button to go to the Fortinet Customer Service & Support website, where you can purchase a license.

Secure DNS Server The SDNS server license status.

Click the upload image button to upload a license key.

Server Location The locations of the FortiGuard servers, either global or US only.

Click the edit icon to adjust the location. Changing the server location will cause the FortiAnalyzer to reboot.

Update Server  
AntiVirus and IPS The IP address and physical location of the Antivirus and IPS update server.
Web and Email Filter The IP address and physical location of the web and email filter update server.
FortiClient Update The IP address and physical location of the FortiClient update server.

Unit Operation widget

The Unit Operation widget graphically displays the status of each port. The port name indicates its status by its color. Green indicates the port is connected. Grey indicates there is no connection.

Hover the cursor over the ports to view a pop-up that displays the full name of the interface, the IP address and netmask, the link status, the speed of the interface, and the amounts of sent and received data.

Alert Messages Console widget

The Alert Message Console widget displays log-based alert messages for both the FortiAnalyzer unit itself and connected devices.

Alert messages help you track system events on your FortiAnalyzer unit such as firmware changes, and network events such as detected attacks. Each message shows the date and time the event occurred.

Click Edit from the widget toolbar to view the Alert Message Console Settings, where you can adjust the number of entries that are visible in the widget, and the refresh interval.

To view a complete list of alert messages, click Show More from the widget toolbar. The widget will show the complete list of alerts. To clear the list, click Delete All Messages. Click Show Less to return to the previous view.

Log Receive Monitor widget

The Log Receive Monitor widget displays the rate at which the FortiAnalyzer unit receives logs over time. Log data can be displayed by either log type or device.

Hover the cursor over a point on the graph to see the exact number of logs that were received at a specific time. Click the name of a device or log type to add or remove it from the graph. Click Edit in the widget toolbar to modify the widget’s settings.

Insert Rate vs Receive Rate widget

The Insert Rate vs Receive Rate widget displays the log insert and log receive rates over time.

- Log receive rate: how many logs are being received.
- Log insert rate: how many logs are being actively inserted into the database.

If the log insert rate is higher than the log receive rate, then the database is rebuilding. The lag is the number of logs waiting to be inserted.

Hover the cursor over a point on the graph to see the exact number of logs that were received and inserted at a specific time. Click Receive Rate or Insert Rate to remove those data from the graph. Click the edit icon in the widget toolbar to adjust the time interval shown on the graph and the refresh interval.
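The relationship between the two rates and the lag can be modelled from sampled values, which is useful when deciding how long newly received logs may be missing from the database. This is an added example, not Fortinet code: the sample rates are constructed, and the function names, the "falling-behind" and "steady" labels, and the drain-time estimate are assumptions of this sketch rather than how the widget computes its values.

```python
from dataclasses import dataclass


@dataclass
class Sample:
    receive_rate: float  # logs/s received (constructed value)
    insert_rate: float   # logs/s inserted into the database (constructed value)


def track_lag(samples, interval_s, initial_lag=0):
    """Return one row per sample: logs waiting, state, and drain estimate."""
    lag = float(initial_lag)
    rows = []
    for s in samples:
        # Logs received but not yet inserted add to the lag; extra inserts drain it.
        lag = max(0.0, lag + (s.receive_rate - s.insert_rate) * interval_s)
        surplus = s.insert_rate - s.receive_rate
        if surplus > 0:
            state = "rebuilding"      # insert rate higher than receive rate
        elif surplus < 0:
            state = "falling-behind"  # assumed label: lag is growing
        else:
            state = "steady"          # assumed label: lag unchanged
        # Seconds until the lag reaches zero if the current rates hold.
        eta = lag / surplus if surplus > 0 else None
        rows.append({"lag": lag, "state": state, "drain_eta_s": eta})
    return rows


def sustained_growth(rows, n):
    """Index of the sample that completes n consecutive growing intervals."""
    run = 0
    for i, row in enumerate(rows):
        run = run + 1 if row["state"] == "falling-behind" else 0
        if run >= n:
            return i
    return None


# Constructed samples taken 60 seconds apart.
SAMPLES = [
    Sample(1000, 1000), Sample(1500, 1000), Sample(1500, 1000),
    Sample(1500, 1000), Sample(800, 1300), Sample(800, 1300),
]

if __name__ == "__main__":
    for row in track_lag(SAMPLES, interval_s=60):
        print(row)
```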

Log Insert Lag Time widget

The Log Insert Lag Time widget displays how many seconds the database is behind in processing the logs.

Click the edit icon in the widget toolbar to adjust the time interval shown on the graph and the refresh interval (0 to disable) of the widget.

Receive Rate vs Forwarding Rate widget

The Receive Rate vs Forwarding Rate widget displays the rate at which the FortiAnalyzer is receiving logs. When log forwarding is configured, the widget also displays the log forwarding rate for each configured server.

Click the edit icon in the widget toolbar to adjust the time period shown on the graph and the refresh interval, if any, of the widget.

Disk I/O widget

The Disk I/O widget shows the disk utilization (%), transaction rate (requests/s), or throughput (KB/s), versus time.

Click the edit icon in the widget toolbar to select which chart is displayed, the time period shown on the graph, and the refresh interval (if any) of the chart.


About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
