Manuals / Fortinet / Computer Equipment / Network Card

Fortinet 1.2.0 manual To filter logs 1 Go to Analysis Log Viewer

Models: 1.2.0

1 76

Download 76 pages 6.25 Kb

Page 62

To filter logs

Customizing the log view

Analysis

Figure 30: Filter icons for logs


	Filter icon
	Filter icon		Filter icon
	enabled		Filter icon
	enabled		disabled
			disabled

When filtering by source or destination IP, you can use the following in the filtering criteria:

•a single address (2.2.2.2)

•an address range using a wild card (1.2.2.*)

•an address range (1.2.2.1-1.2.2.100)

You can also use a Boolean operator (“or”) to indicate mutually exclusive choices:

•1.1.1.1 or 2.2.2.2

•1.1.1.1 or 2.2.2.*

•1.1.1.1 or 2.2.2.1-2.2.2.10

To filter logs

1Go to Analysis > Log Viewer.

2Select a log type to view log messages from.

3Go to a column in the log type.

4Select the filter icon in that column’s heading.

5Using the arrows, move the appropriate keywords from Available Fields to Display Fields.

6Select Submit.

To clear log filters

1Go to Analysis > Log Viewer.

2Select the log type that contains the column filter that you want to clear.

3Go to the column.

4Select the filter icon in that column’s heading.

5Using the double arrows, move the keywords from Display Fields to Available Fields.

6Select Submit.

7Repeat steps 2 to 6 for each filter.

	FortiGuard Analysis and Management Service Version 1.2.0 Administration Guide
64	13-12000-406-20081031

Image 62

Fortinet 1.2.0 manual To filter logs 1 Go to Analysis Log Viewer, To clear log filters 1 Go to Analysis Log Viewer

Contents

FortiGuard Analysis and Management Service Version A D M I N I S T R A T I O N G U I D EFortiGuard Analysis and Management Service Administration Guide TrademarksIntroduction ContentsSetup DashboardCustomizing the log view ManagementAnalysis Deleting log files from the FortiGate web-based manager13-12000-406-20081031 ContentsIndex Contents 13-12000-406-20081031About this document Customer service and technical supportIntroduction Document conventionsFortinet Tools and Documentation CD Fortinet documentationTypographic conventions Fortinet Knowledge CenterCustomer service and technical support Customer service and technical supportIntroduction Customer service and technical support13-12000-406-20081002 About the portal web site SetupConfiguring a device to use the service Expanding or renewing service About the portal web site Obtaining a trial contractSetup Figure 1 The portal web siteSetup Expand ArrowHelp Obtaining a trial contractSection Log outSetup To obtain a trial contract1 Go to https//fams.fortinet.com 2 Select the Sign Up Now linkConfiguring a device to use the service To configure the Service Account ID and validate connectivityVerifying the connectivity between the service and the device Configuring remote logging and central managementTo configure remote logging to the service To configure remote management by the serviceAllow automatic backup of configuration on logout/timeout Expanding or renewing serviceSetup Allow configuration updates initiated by the management serverRenewing contracts To add a renewal contractTo add a purchased contract to a Service Account ID Adding purchased contractsFigure 9 Locating the Service Account ID Figure 10 Adding a purchased contractRequired port numbers Required port numbers13-12000-406-20081031 SetupRequired port numbers The Dashboard main menu Configuring widgets Customizing the Dashboard pageDashboard The Dashboard main menu Widgets Adding and customizing pagesWidgets Adding and customizing pages Configuring widgetsConfiguring the Resource Monitor To add and customize a pageConfiguring the Network Monitor Dashboard Configuring the Trap Console“Configuring an alert profile” on page 13-12000-406-20081031Configuring the Report widgets IPS Report - provides information about IPS anomalies and signatures Select the calendar to configure the end date and Configuring widgetsColor Bar chart only OK To dateCustomizing the Dashboard page To customize the Dashboard pageDashboard Customizing the Dashboard page13-12000-406-20081031 De-authorizing the service on devices Device Scripts Topology Tool SettingsAuthorizing the service on devices Sending manual or automatic configuration revisionsTo view device information, go to Management Device Management Adding and editing devicesTo add a device 1 Go to Management Device Basic Information sectionTo authorize service on a device 1 Go to Management Device Authorizing the service on devicesDe-authorizing the service on devices To de-authorize a device from using the serviceFigure 21 List of configuration revisions for each device Sending manual or automatic configuration revisionsViewing configuration revisions Searching configuration revisions To search a revision 1 Go to Management Device Revision History1 Go to Management Device Revision History Comparing configuration revisionsTo compare configuration revisions from within the portal web site Restoring configuration revisions To restore a configuration revision or scriptTo run a script Go to Management Device Device Detail Running scriptsViewing available firmware images Changing firmware from the portal web site To schedule a firmware change 1 Go to Management DeviceTo immediately change firmware ScriptsChanging firmware from the device Creating scripts To create a script from a configuration fileTo create a script by entering CLI commands 1 Go to Management Script7 Select Submit The script is added to the list of available scripts Viewing available configuration scriptsTo view available configuration scripts, go to Management Script ManagementTopology Tool Figure 24 Network diagram in View modeFile Contains the following menus Open Close Figure 25 Network diagram in Edit modeView Mode menus View Contains the following menus Zoom In Zoom Out Hide GridCreating a network diagram To create a network diagram 1 Go to Management Topology ToolViewing service account information SettingsViewing a network diagram To view a network diagram 1 Go to Management Topology Tool13-12000-406-20081031 SettingsEdit Adding, editing and removing administrators To remove a user account 1 Go to Management Settings Editing your login profileTo add or edit account users 1 Go to Management Settings To edit your profile 1 Go to Management SettingsTo change the Service Account ID 1 Go to Management Settings Changing your service account IDConfiguring an alert profile To configure an alert profile 1 Go to Management Settings13-12000-406-20081031 SettingsName When nn occurrences within nnminhr Send to Message Deleting log files from the FortiGate web-based manager Reports AnalysisLog Viewer Customizing the log view e-DiscoveryLog Viewer Viewing logslogging and central management” on page By default, log messages are displayed in Formatted mode. SelectAnalysis current log messagesCustomizing the log view Customizing the log column viewsTo change the order of the columns Filtering logsTo show or hide columns To filter logs 1 Go to Analysis Log Viewer To clear log filters 1 Go to Analysis Log ViewerAnalysis Log File BrowserTo view and download log files, go to Analysis Log File Browser To download a log file 1 Go to Analysis Log File Browser Deleting log files from the FortiGate web-based managerReports To delete any log files older than n monthsViewing generated reports Figure 32 ReportsTo delete a report 1 Go to Analysis Report Deleting reportsTo view a generated report 1 Go to Analysis Report Viewing e-Discovery tasks Creating tasks for e-Discovery e-DiscoveryViewing e-Discovery tasks dd hhmmss e-Discoverymm-dd hhmmss 13-12000-406-2008103113-12000-406-20081031 Analysisview the task. For example, if the Creating tasks for e-Discovery 1 Go to Analysis e-Discovery To create tasks for e-Discovery 1 Go to Analysis e-DiscoveryTo copy a task and apply it to a new task To delete a task 1 Go to Analysis e-DiscoveryAnalysis e-Discovery13-12000-406-20081031 Index IndexIndex 13-12000-406-20081031