Fortinet manual FortiAnalyzerVersion 3.0 MR7 Administration Guide

What’s new for 3.0 MR7

•Network Summary menu removed – The Network Summary menu was removed in FortiAnalyzer 3.0 MR7. This menu was removed because most of the information that previously displayed, now displays as widgets on the Dashboard. See “Dashboard” on page 25 for more information about these new widgets that have replaced the Network Summary menu.

•Log Viewer menu enhancements – When viewing real-time logs or historical logs, the options Resolve Host and Resolve Service are no longer available. From within the Real-time tab, you can now view up to 1000 log messages; you can also view up to 1000 log messages from the Historical tab as well. See “Viewing log messages” on page 91 for more information.

•Custom fields for log messages – You can now enable custom fields for log messages that are received from FortiGate units from the CLI. See “Custom fields for log messages” on page 16 for more information.

•Report configuration enhancements – Reports contain several enhancements in FortiAnalyzer 3.0 MR7, as well as the additional of VoIP reports. See both “Report configuration enhancements” on page 16 and “Reports” on page 113 for more information.

•Logs for HA members – Logs that are viewed on the FortiGate unit now contain device ID fields for HA members. See the FortiGate Administration Guide and the FortiGate Log Message Reference for additional information.

•Log search results enhancement – You can now view log search results in both Format and Raw formats. See “Searching the logs” on page 100 for more information.

•Alert email configuration changes – When configuring an alert email, you are now required to enter information in the alert name field, destination field, and device field and a drop-down list is included for selecting a destination. See “Alert” on page 133 for more information.

•Alert emails – Alert emails now contain the FortiAnalyzer serial number in the Source Device field in the body of the email. The FortiAnalyzer serial number replaces the IP address of port 1 (FortiAnalyzer unit), which was used to identify the FortiAnalyzer unit that sent the alert email. See “Alert” on page 133 for additional information about configuring alert emails.

•SNMP enhancements – When configuring SNMP communities in Alert > Output > SNMP Access List, you can now specify that traps for certain local system events will be generated that meet certain criteria. See “Configuring SNMP traps and alerts” on page 136 for more information.

•File directory menu – You can now access all files that are on the FortiAnalyzer unit in Tools > File Directory. See “File Explorer” on page 167 for more information.