Advanced Functions of Reports
Reports provides advanced functions beyond the basic reports to give an accurate analysis. Drill In and Custom Filter are the functions about querying the reports with complex conditions. It delivers only the data that a user needs from large data sets. Export and Report Email are the functions about documentations and delivering of the on-line reports. The details of the advanced functions are described as follows.
There are 7 different query conditions for Bandwidth Usage, including In Class, Out Class, WAN, Service, Internal IP, External IP and Traffic Rate. In every Bandwidth Usage report, analysis can be further drilled-in to include more traffic data statistics; in other words, Reports allows traffic to be queried based on combination of multiple conditions. For example, select Service as the query subject from the menu in the category area, and the Service report will be displayed accordingly, as shown below:
Go to Reports > Service, you can have an overall service report which gives the traffic statistics of all the service usages (query result is as shown below).
The HTTPS(TCP@443) service can be further drilled in to query which WAN link of FortiWAN are utilizing this service by clicking the Drill In magnifier icon in the row of HTTPS(TCP@443) listed in the table and select WAN (query result is as shown below):
Service=HTTPS(TCP@443) & WAN=All
As indicated in the blue box (shown in the figure above), this page presents the data of HTTPS(TCP@443) traffic in the WAN report, In the statistics table, the WAN link 1 can be further drilled in to query what internal IP addresses are included by clicking the Drill In magnifier icon in the row of WAN 1 listed in the table and select Internal IP (query result is as shown below):
Service=HTTPS(TCP@443) & WAN=1 & Internal IP=All
As indicated in the blue box (shown in the figure above), this page presents the data of Internal IP report that includes the traffic of WAN 1 (WAN) using HTTPS(TCP@443) (Service), The IP address: 10.12.106.17 can be further drilled in to query what External IP addresses it is connected to by clicking the Drill In magnifier icon in the row of 10.12.106.17 IP listed in the table and select External IP (query result is as shown below):
Service=HTTPS(TCP@443) & WAN=1 & Internal IP=10.12.106.17 & External IP=All
As indicated in the blue box (shown in the figure above), this page presents the data of External IP report that includes the traffic of WAN 1 (WAN) at internal IP=10.12.106.17 (Internal IP) using HTTPS(TCP@443) (Service).
From the example illustrated above, administrators can easily query the traffic flow based on combination of various conditions needed, while analysis can be drilled in to more details for better review. In the upper section of the report page, you’ll see a summary of the query conditions used in the existing report (highlighted in blue as shown in the image above), making it clear for administrators to keep track of the query details.
Service=HTTPS(TCP@443) & WAN=1 & Internal IP=10.12.106.17 & Traffic Rate=All
Continuing the example described above, the query submitted returns a result that the IP address: 10.12.106.17 via WAN 1 is connecting to External IP addresses, via the HTTPS(TCP@443) service. You can change the last Drill In condition (External IP) to a different one (such as traffic rate of bandwidth usage) using the same filter: WAN=1, Internal IP=10.12.106.17 and Service=HTTPS(TCP@443), by selecting Traffic Rate from the drop-down menu of External IP (as shown below):
The report presented by Traffic Rate using the same filter: Service=HTTP(TCP@443), WAN=1 and Internal IP=10.12.106.17 is illustrated as follows.
As illustrated in the example above, Reports offers two kinds of advanced query: you can either keep drilling in with different conditions to get a report with more specific details, or change query condition at any Drill In level; in other words, network flow data can be queried either vertically or horizontally.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!
Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos