Report calendar

The report calendar provides an overview of scheduled reports. You can view all reports scheduled for the selected month. From the calendar page, you can edit and disable upcoming reports, and delete or download completed reports.

To view the report calendar, go to Reports > Report Calendar.

Figure 143:Report calendar

Hovering the mouse cursor over a scheduled report on the calendar opens a notification box that shows the report’s name and status, as well as the device type.

Selecting the left and right arrows at the top of the calendar page will adjust the month that is shown. Select Today to return to the current month.

To edit a report schedule:

1. Right-click on the scheduled report in the report calendar and select Edit.

The Edit Report window will open. See Figure 118 on page 166.

2. Edit the report settings as required, then select Apply to apply the changes.

To disable a scheduled report:

1. Right-click the scheduled report and select Disable from the right-click menu.
2. In the confirmation box, select OK.

Disabling a report will remove all scheduled instances of the report from the report calendar. Completed reports will remain in the report calendar.

To delete a scheduled report:

1. Right-click the scheduled report that you would like to delete and select Delete.

Only scheduled reports that have already been run can be deleted.

2. Select OK in the confirmation dialog box to delete the scheduled report.

To download a report:

1. Right-click the scheduled report that you would like to download and select Download.

Only scheduled reports that have already been run can be downloaded.

2. Depending on your web browser and management computer settings, save the file to your computer, or open the file in an applicable program.

Reports are downloaded as PDF files.

Advanced

The advanced menu allows you to view, configure and test datasets, create output profiles, and manage report languages.

Dataset

FortiAnalyzer datasets are collections of log files from monitored devices. Reports are generated based on these datasets.

To view a listing of the available predefined datasets, see “Charts, Datasets, & Macros” on page 219.

Predefined datasets for each supported device type are provided, and new datasets can be created and configured. Both predefined and custom datasets can be cloned, but only custom datasets can be deleted. You can also view the SQL query for a dataset, and test the query against specific devices or all devices.

To view and configure datasets, go to Reports > Advanced > Dataset in the tree menu.

Figure 144:Datasets

The following information is displayed:

Name	The name of the dataset.
Device Type	The device type that the dataset applies to.
Log Type	The type of log that the dataset applies to.
Pagination	Adjust the number of logs that are listed per page and browse through the pages.

The following options are available in the toolbar:

Create New	Select to create a new dataset. See “To create a new dataset:” on page 200.
Edit	Select to edit an existing dataset. See “To edit a dataset:” on page 201.
Delete	Select to delete a dataset. See “To delete datasets:” on page 202.
Clone	Select to clone an existing dataset. See “To clone a dataset:” on page 201.
Search	Use the search field to find a specific dataset.

To create a new dataset:

1. In the dataset list, either select Create New from the toolbar, or right-click in the dataset list and select Create New from the pop-up menu.

The New Dataset dialog box opens.

Figure 145:Create a new dataset

2. Enter the required information for the new dataset.

Name	Enter a name for the dataset.
Log Type	Select a log type from the drop-down list. The following log types are available for FortiGate: Application Control, Attack, DLP Archive, DLP, Email Filter, Event, Traffic, Virus, Web Filter, and Network Scan. The following log types are available for FortiMail: Email Filter, Event, History, and Virus. The following log types are available for FortiWeb: Attack, Event, and Traffic.
Query	Enter the SQL query used for the dataset.
Add Variable	Select the add variable icon,      , to add a variable, expression, and description information.

Test query with specified devices and time period

Devices	Select All Devices or Specify to select specific devices to run the SQL query against. Use the add device icon, , to add multiple devices to the query.
Time Period	Use the drop-down list to select a time period. When selecting Other, enter the start date, time, end date, and time.
Test	Select Test to test the SQL query before saving the dataset configuration.

3. Test the query to ensure that the dataset functions as expected, then select OK to create the new dataset.

To clone a dataset:

1. In the dataset list, either select a dataset then select Clone from the toolbar, or right-click on the dataset then select Clone from the pop-up menu.

The Clone Dataset dialog box opens.

2. Edit the information as required, then test the query to ensure that the dataset functions as expected.
3. Select OK to create a new, cloned dataset.

To edit a dataset:

1. In the dataset list double-click on the dataset, or select the dataset then select Edit from the toolbar or right-click menu.

The Edit Dataset dialog box opens.

Figure 146:Edit a dataset

2. Edit the information as required, then test the query to ensure that the dataset functions as expected.

To delete datasets:

1. Select the dataset or datasets that you would like to delete, then select Delete from the toolbar or right-click menu.
2. Select OK in the confirmation dialog box to delete the selected datasets or datasets.

To view the SQL query for an existing dataset:

Hover the mouse cursor over one of the datasets in the dataset list. The SQL query is displayed in a persistent pop-up dialog box.

Figure 147:SQL query pop-up window

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!