FortiView – FortiManager 5.2

FortiView

The FortiView tab allows you to access both FortiView drill down and Log view menus. FortiView in FortiManager collects data from FortiView in FortiGate. In order for information to appear in the FortiView dashboards in FortiGate, disk logging must be selected for the FortiGate unit. Select the FortiView tab and select the ADOM from the dropdown list.

When rebuilding the SQL database, FortiView will not be available until after the rebuild is completed. Select the Show Progress link in the message to view the status of the SQL rebuild.

FortiView

Use FortiView to drill down real-time and historical traffic from log devices by sources, applications, destinations, web sites, threats, cloud applications, cloud users, system and admin events, SSL and dialup IPsec, site to site IPsec, rogue APs, and resource usage. Each FortiView summary view can be filtered by a variety of attributes, as well as by device and time period. These attributes can be selected using the right-click context menu. Results can also be filtered using the various columns. The following summary views are available:

  • Top Sources l Top Applications l Top Destinations l Top Web Sites l Top Threats l Top Cloud Applications/Users l System Events l Admin Logins l SSL & Dialup IPsec l Site-to-Site IPsec
  • Rogue APs l Resource usage

This entry was posted in Administration Guides, FortiManager and tagged , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

16 thoughts on “FortiView – FortiManager 5.2

  1. Stief

    Hello,
    Maybe you can help me. I keep seeing “No Data” if I open Fortiview on my fortimanager.
    I have 2 Fortigates (300D and a 200D) connected to it.
    If I select logview, I can see all the traffic info of both Fortigates.
    If I log on on the Fortigates, Fortiview is working fine. But somehow I can not get data in Fortiview on the Fortimanager.
    What am I doing wrong?

    Regards.
    Stief

    Reply
    1. Mike Post author

      What version of FortiOS are you running on the Manager as well as the FortiGates? (I know you posted this on the FortiManager 5.2 page but I would like to confirm)

      Reply
  2. Stief

    Hi Mike,
    Thanks for the reply.
    It’s set to log all traffic. But also UTM stuff.
    In Logview I can see everything but Fortiview stays empty.

    Reply
  3. Mike Post author

    I would check to see if ADOM’s were enabled. If they aren’t….enable them and make sure the ADOM that the FortiGate’s are a part of are listed as 5.4.

    Sometimes I notice weird shenannigans and after looking deeper it is because during the upgrade process, or something along those lines…..the FortiManager/FortiAnalyzer is still operating the devices beneath it in 5.2 mode.

    Let me know if that doesn’t make any sense. Long day so this response is sort of stream of consciousness lol

    Reply
  4. Stief

    Hi,
    Apperently it was a bug that is fixed in the latest release. After installing everything is working fine again.

    Reply
  5. surendran

    Dear Mike,
    In fortimanager under fortiview -vpn-ssl-dialup-ipsec-monitor stopped reporting for last 4 days. Pls guide how to resolve the issue.
    Regards,

    Reply
  6. surendran

    All devices are registered/added in device manager, fortview has stopped logging from 26th april,

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.