Miscellaneous Operations
Exporting Events to Files
You can run the phExportEvent tool from a Supervisor or Worker node to export events to CSV files. The file will contain these fields:
phExportEvent Command | Description |
DESTINATION_DIR | Destination directory where the exported event files are saved |
START_TIME | Starting time of events to be exported. The format is YYYY-MM-DD HH:MM:SS {+|-} TZ. If TZ is not given, local time zone of the machine where the script is running will be used. Example: 2010-03-10 23:00:00 -8 means Pacific Standard Time, 23:00:00 03/10/2010. 2010-07-29 10:20:00 +5:30 means India Standard Time 10:20:00 07/29/2010. |
RELATIVE_START_TIME | Starting time of events to be exported relative backward to the end time as specified using –endtime END_TIME
. The format is where NUM is the number of days or hours or minutes. For example, –relstarttime 5d means the starting time is 5 days prior to the ending time. |
END_TIME | Ending time of events to be exported. The format is the same as START_TIME. |
RELATIVE_END_TIME | Ending time of events to be exported relative forward to the start time as specified using START_TIME. The format is same as RELATIVE_START_TIME. |
DEVICE_NAME | Host name or IP address of the device with the events to be exported. Use a comma-separated list to specify multiple IPs or host names, for example, –dev 10.1.1.1,10.10.10.1,router1,router2. Host name is case insensitive |
ORGANIZATION_NAME | Used only for multi-tenant deployments. The name of the organization with the events to be exported. To specify multiple organizations, enter a commandeach for one organization, for example, –org “Public Bank” –org “Private Bank”. The organization name is case insensitive. |
TIME_ZONE | Specifies the time zone used to format the event received time in the exported event files. The format is {+|-}TZ, for example, -8 means Pacific Standard Time, +5:30 means India Standard Time. |
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!