FortiAnalyzer: Generate Audit Report — Infrassist

FortiAnalyzer

This blog is regarding generating an audit report of the day-to-day bandwidth and other applications usage from FortiAnalyzer generated from the FortiGate firewall.

What is FortiAnalyzer?

FortiAnalyzer is powerful log management, analytics, and reporting platform that provides organizations with a single console to manage, automate, orchestrate and respond, enabling simplified security operations, proactive identification and remediation of risks, and complete visibility of the entire attack landscape.

For generating report from Analyzer, we need to perform the below steps.

• First, login to Analyzer.
• After logging in, you will see a dashboard which includes the below options.

Here, for now, I am only showing you how to generate the bandwidth and application Report.

Note: By default, this Template is available in Analyzer, you can create your own custom template as per the requirement.

• Generated reports: you will see the reports which is generated already.
• Editor: you can edit the layout of your reports as per the customers’ requirements.

Name — you can give custom names to the reports.

Time period — you can select the time range, here I am generating for the previous 30 days.

1. All devices — this will generate a report for all firewall/devices which is connected to this Forti Analyzer or in your network.

2. Specify- from here we can select the individual devices as I have selected below.

1. All subnets- you can run reports for all subnets which is currently implemented in your FortiGate.
2. Specify- for particular subnets (not for all the subnets).
3. Single report- for each device it will generate a single report.
4. Multiple reports- for each device It will generate a separate report

Now you have three options here,

1. Enable Schedule: from here you can schedule your report like when it needs to be generated automatically.
2. Enable Notification: Select this to enable report notification when generated.
3. Enable Auto-cache: When enabled, this process uses system resources and is recommended only for reports that require days to assemble datasets. Disable this option for unused reports and for reports that require little time to assemble datasets.

You can also apply filters and go to advanced settings to customize fonts, language layout headers and other features.

Once all this is done, click on apply and return to the Reports section.

Here, you will see the report is generated, and you can download this in HTML, PDF, XML, or CSV format.

Upcoming

We upload blogs on our website on a weekly basis. Keep an eye out for it. If you want to go through all the other blogs that we’ve uploaded, you can visit our blog section.

Originally published at https://www.infrassist.com.