FortiSIEM Creating a Report or Baseline Report

Creating a Report or Baseline Report

Creating a report or baseline report is like creating a structured historical search, because you set the Conditions and Group By attributes that will be used to process the report data, and specify Display Fields to use in the report summary.

  1. Log in to your Supervisor node.
  2. Go to Analytics > Reports, and select the category for your new report.

Select Baseline for baseline reports.

  1. Click New.
  2. Enter a report Name and Description.
  3. For baseline reports, select Anomaly Detection Baseline.
  4. Enter the Conditions to use in your report.

See Selecting Attributes for Structured Searches, Display Fields, and Rules and Using Expressions in Structured Searches and Rules for more information on setting conditions. For creating baseline reports, see Baseline Reports for information on how to use the STAT_AVG and STAT_STDDEV functions in creating expressions for baseline reports.

  1. Select the Group By attribute to use in processing the search results.

The topic Example of How a Structured Historical Search is Processed explains how the Group By attribute is used in search results.

  1. Set the Display Fields to use in your search results.

See Selecting Attributes for Structured Searches, Display Fields, and Rules for more information on using event attributes in display fields.

  1. Click Save.

Your report will be saved into the selected category, and you can now run it or schedule it to run later.

Related Links

Creating a Structured Historical Search

Selecting Attributes for Structured Searches, Display Fields, and Rules

Example of How a Structured Historical Search is Processed

Using Expressions in Structured Searches and Rules Baseline Reports


Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To Buy Your Fortinet Hardware From The Fortinet GURU

Leave a Reply

Name *
Email *
Website

This site uses Akismet to reduce spam. Learn how your comment data is processed.