Importing and Export Widget Dashboards

Importing widget dashboards

Widget Dashboards can be imported from another FortiSIEM installation or from another dashboard folder of the same installation. If the two FortiSIEM versions do not have the same version, then the charts may look different because the data definition may be different.

1. Make sure you are viewing the dashboard
2. Click Import
3. Select the file from local desktop. It must an XML file suitable for import. Typically this is exported from another FortiSIEM system.
4. Click Import.
5. The dashboard will display

Exporting widget dashboards

1. Make sure you are viewing the dashboard

Click Export

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Dashboards – HTML5 version

FortiSIEM includes two types of dashboards:

Summary dashboards that shows multiple metrics for the device in a single line. This enables users to see multiple metrics of the same device in one view.

Widget dashboards that provide separate views of each metric. This enables to see critical devices for a metric at a time.

Multiple dashboards can be grouped into a folder. User first needs to choose the dashboard folder and then select the dashboard within that folder.

Viewing System Dashboards

FortiSIEM provides several built-in dashboard folders covering many functional areas:

Infrastructure level

Network Dashboard

Server Dashboard

VMWare Dashboard

Web Server Dashboard

Application Server dashboard

Cloud Infrastructure level

Amazon Web Services Dashboard

Security Dashboard

Storage level

NetApp Dashboard

VNX Dashboard

Application level

Salesforce Dashboard

Office 365 Dashboard

Google Apps Dashboard

FortiSIEM Dashboard

To view these dashboards

1. Logon to FortiSIEM
2. Switch to the right organization (for Service Provider version)
3. Click Dashboard tab on the main user interface
4. Select the appropriate dashboard folder from the drop down. The dashboards belonging to the selected folder will show and the contents of the first dashboard will display automatically.
5. Select the appropriate dashboard to see its contents.

Creating New Dashboards

Creating a new dashboard folder

Creating a new dashboard within a folder

Adding reports to a widget dashboard

Adding devices to a summary dashboard

Make sure that you are logged on to the right organization (for Service Provider version).

Creating a new dashboard folder

1. Click on the dashboard folder menu and Select
2. Enter the name of the new dashboard folder
3. The new dashboard will show

Creating a new dashboard within a folder

1. Click on the icon on the top bar
2. Enter the following information
   1. Name – the name of the dashboard
   2. Type – Widget or Summary dashboard
   3. Description
3. Click Save

Adding reports to a widget dashboard

1. Click on the icon on the left under the dashboard name
2. Select the report and it will highlight
3. Drag the report to the dashboard and the results will show 4. To customize the chart settings, see here.

To add a CMDB Report, simply add from the CMDB Report folder in Step 2.

Adding devices to a summary dashboard

1. Click on the icon on the top menu bar
2. Select the device(s) and move them to the right pane by clicking the button
3. Click OK
4. To customize the columns, see here

Deleting Dashboards

Note that built-in dashboard folders and dashboards can not be deleted.

Deleting user defined dashboards

1. Click on the button next to the dashboard
2. Click OK

Deleting user defined dashboard folders

1. Click on the button next to the dashboard folder 2.  Click OK

Modifying Dashboards

Modifying widget display

1. Select a widget and click on the Settings button
2. Customize the fields as appropriate
   1. Title – the chart name that displays at the top
   2. Display – select chart type from the possible options
   3. Width – the size of the chart in horizontal dimension – note that this is relative
   4. Height – the size of the chart in vertical dimension – note that this is relative
   5. Refresh interval – how often the chart’s content will refresh
   6. Result Limit – number of rows in the result
3. Click OK.

Adding reports to a widget dashboard

1. Click on the icon on the left under the dashboard name 2.  Select the report and it will highlight.
2. Drag the report to the dashboard and the results will show 4. To customize the chart settings, see here.

If you want to add a new report or modify a system report, then follow these steps

1. Create the report in Analytics
2. Then report will show up in the list of reports in Step 2 above.

Modifying widget dashboard layout

There are two possibilities – Tile layout (default) or column layout.

1. To select Tile layout, select Tile option from the menu next to on top. Tile layout allows you to place widgets of several sizes on the dashboard.
2. To select a column layout, choose the number of columns from the menu next to .

Adding, removing and re-ordering columns on a summary dashboard

1. Select the button the top.
2. To remove one or more columns from display, select them in the Selected Columns and then move them to the left by clicking the

button.

3. To add one or more columns to the display:
4. Select an Event Type in the left most column. The corresponding metrics from that event type will show. b. Select one or more columns in the middle column
5. Move them to the right by clicking the button 4.  To change the position of the columns 5.  Click OK to save the changes.

Sharing Dashboards

The following sharing rules are enforced

User created dashboard folders and its contents are only visible to the user who created it. If this folder need to be visible to other users, then we recommend using a shared account or

using export/import mechanism to create the folder for that user

System dashboard folders are owned by FortiSIEM. Any changes to those dashboards may be lost during upgrade, if FortiSIEM also decides to change those dashboards.

 

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Creating Dashboard Slideshow

 

 

 

Exporting and Importing Dashboards

It is possible to export and then import the following types of widget dashboards

My Dashboard

Availability/Performance > Avail/Perf Widgets

Biz Svc Dashboard

Dashboards By Function

To export a dashboard

Go to a specific dashboard folder Click Export on top right portion An XML file will be created and saved.

To import a dashboard, first have the XML file ready

Go to a specific dashboard folder

Click Import on top right portion

Provide the dashboard file in XML format

 

Link Usage Dashboard

For perimeter network devices such as firewalls and routers, it is important to know which interfaces are busy and which traffic is consuming the most resources. This special dashboard provides this view and enables users to determine which router interfaces are overly utilized, which applications are using them and what is the QoS statistics.

 

 

 

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Setting a Dashboard to Home

You can set any system or user-defined dashboard to be your home page when you log into FortiSIEM.

1. In the Dashboard view, select the dashboard you want to set for your home page.
2. At the top of the General view of the dashboards, click the Home

The Home icon will be filled in rather than greyed out, and the next time you log into FortiSIEM, the page you selected will be your home page.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Creating a Customized Dashboard

You can create both Summary and Widget custom dashboards.

1. In the Dashboard tab, select My Dashboard in the General
2. At the top of the General view, click the +
3. Enter a Group to categorize the dashboard, and a Description.
4. Select a Dashboard Type.
5. Click OK.

The dashboard will be added under My Dashboard.

6. Select the dashboard.
7. For a Device Summary Dashboard, click Devices at the top of the dashboard and select the devices you want to add to the dashboard.
8. For a Widget Dashboard, click Add Reports to Dashboard, and then select the reports you want to add.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Adding Widgets to Dashboards

1. Navigate to the widget dashboard where you want to add the widget.
2. At the bottom of the dashboard click Add Reports to Dashboard.
3. For multi-tenant deployments, select the Organization that you want to have access to the report.
4. Select a Category for the type of report you want to add.
5. Under Available Reports, select the report you want to add, and then click the >> button to add it to the Selected Reports.
6. Click OK.

To add CMDB Reports, select from the CMDB Reports folder in Step 5.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Customizing Dashboards

FortiSIEM includes several dashboards for device types and IT functional areas, but you can also customize and create new dashboards and widgets.

Adding Custom Columns to Dashboards

Adding Widgets to Dashboards

Creating a Customized Dashboard Setting a Dashboard to Home

Adding Custom Columns to Dashboards

You may want to add custom columns based on event attributes to a Summary dashboard. This topic explains how to create a custom set of columns using the example of a hardware temperature readout, and then add them to a dashboard.

Prerequisites

Procedure

Prerequisites

Read the topic How Values in Dashboard Columns are Derived

Procedure

1. Find the event that contains the attribute you want to use.

In this case, you want to create a hardware temperature reading. The event PH_DEV_MON_HW_TEMP contains the attribute envTempDeg C.

2. Go to Admin > Device Support > Dashboard Columns.
3. Click New.
4. For Name, enter the display name for the new metric you want to collect. For this example, enter the name Temperature Reading.
5. For Event Type, click the Edit icon and select the event you want to use.

For this example, select PH_DEV_MON_HW_TEMP.

6. Click the + icon to add a column. As you complete each column, click OK, then click + to add more columns.

For each event type, you will typically create three columns: a Host column that contains IP information for associated hosts, an Object c olumn that includes information about the object being reported on, and a Reading column that contains the metric you want to report on.

Note that you could create additional Reading columns for other attributes contained in your event.

Column Type	Example Settings
Host	Attributes: hostIpAddr Aggregator: N/A Display Name: N/A Format: N/A Trend Chart: N/A Type: Host
Object	Attributes: hwComponentName Aggregator: N/A Display Name: N/A Format: N/A Trend Chart: N/A Type: Object
Reading	Attributes: envTempDegC Aggregator: AVG|MAX Display Name: Temp Format: DegreeC Trend Chart: Health Type: Reading

7. When you’re finished adding columns, click OK.

The new column you created will appear in the Admin > Device Support > Dashboard Columns.

8. Select your new column in the list, and then click Apply.
9. To add your column to a dashboard, navigate to the dashboard.
10. In the dashboard, click Select Columns.
11. Under Event Types, select the event type you used to create the new column.

The columns associated with that event type will be listed under Columns, and the Attribute Name will list the attribute you used to

create the column.

12. Under Columns, select your column and use the >> button to move it into the Selected Columns.
13. Use the up and down position buttons to place the column in the order where you want it to appear in the dashboard.
14. Click OK.

Your new column will appear in the dashboard.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Using the Analysis Menu

The Analysis menu located in the Summary dashboards presents a number of options for gathering more information about items selected in the dashboard. You can also access the Analysis menu items by selecting a line in a summary dashboard, and hovering your mouse over the IP address of the device until the blue Analysis menu option appears.

Analysis Menu Options

Menu Option	Description
Quick Info	The Quick Info view of a device, which you can also access through the Analysis menu or hovering your mouse cursor over the Device IP column, displays General and Health information for the device, and when appropriate, Identity and Location information. It also contains links to additional information about the device: Incidents An exportable summary of incidents associated with the device Health Availability, Performance, and Security health information for the device. You can also access this information by clicking the Device Health user interface control, or by selecting Device Health in the Analysis menu. BizService Any business services impacted by the device. You can also access this information by selecting Impacted Business Services in the Analysis menu. Applications Displays a report on the top 10 applications associated with the device by Average CPU Utilization over the past hour Vulnerability and IP Status (Not used in the Dashboard view) Displays the vulnerability status reports that are also available by selecting Vulnerability and IPS Status in the Analysis menu Hardware Health (Used only for the CMDB/Storage view) Displays health information for the hardware being used for storage Interfaces Displays a report on the top 10 interfaces associated with the device by average throughput Topology Shows the device’s location in the network topology. You can also access this information by selecting Topology in the A nalysis menu. The Quick Info view also contains two links, Goto Config Item, which links to the device entry in the CMDB, and Goto Identity , which links to Analytics > Identity and Location Report, where you can edit this information for the device.
Topology	Shows the device location within the network topology
Device Health	Availability, Performance, and Security health reports for the device. You can also access this information by selecting a device in the Summary dashboard, and then click Health, or by going to Quick Info > Health after selecting the device. If any I ncidents are displayed, click the number to view the Incident Summary. Depending on the reported metric, you can zoom in for a closer look at graphs and reports by clicking the Magnifying Glass icon that appears when you hover your mouse cursor over them.
Incidents Summary	A summary of incidents associated with the device. Select an incident and then hover your mouse cursor over the Incident Name to open the View Incident Details option, which will load the selected incident into the Incident Dashboard. See the topics under Incidents – Flash version for more information about working with the Incident Dashboard. If you hover your mouse cursor over the Incident Target for an incident in the Incident Summary screen, you will see some additional options, including: Add to Watch List – add the incident target to a watch list. See Watch Lists for more information. Show Related Real Time Search – opens a real time search using the Host IP and Name for the incident target Show Related Historical Search – opens an historical search using the Host IP and Name for the incident target
Device Availability	Displays reports for Availability Trend Status, Ping Response Time, and Ping Packet Loss for the device over the past hour, and Device Uptime for the device over the past thirty minutes
Device Performance	Displays reports for Performance Health Trend, Avg Memory Utilization, Avg CPU Utilization, and Avg Disk Utilization ov er the past hour for the device

 

Interface Status	Displays reports for Interface Utilization Percentage, Interface Error Percentage, Interface Traffic, and Interface Error Count over the past hour for the device
Application Performance	Displays reports for Average Application CPU Utilization, Application CPU Utilization, Average Application Memory Utilization, and Application Memory Utilization over the past hour for the device
Event Status	Displays reports for Events per Second, Top Network Connections, Top Events by Severity, and Top TCP/UDP Ports ove r the past hour for the device
All Events by Group for the Last 10 Minutes	Opens an Historial Search for the selected device using these criteria
Traffic Status	Displays reports for All Permitted Traffic Sourced From or Destined to the selected device, and All Denied Traffic Sourced from or Destined to the selected device over the previous hour
Vulnerability and IPS Status	Displays reports for All Vulnerabilities for Last 1 Day and All Warning + Critical IPS Events for the device over the past 24 hours
Impacted Biz Services	Business services that contain the selected device
Real-time Events	Opens a Real-Time Search for the selected device
Historical Events for Last 5 Mins	Opens an historical search for all events associated with the device over the past five minutes

 

 

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!