Address Group to Filter Reports

Forum|Forum|7 years ago
February 5, 2019
1 reply
4921 views

I have a report that I want to filter to specific networks that have been identified using the Address Group feature. I used filters Log messages that match any of the conditions - Log Field: Address Group (adgroup) equal to Business Networks

I expected this to be as simple as that, but my reports still show IP addresses that are not in the Business Networks address group.

What am I missing?

Device is FortiGate-200E

FortiAnalyzer is the latest version

Best answer by chall_FTNT

Report filtering lists all possible fields that can be filtered on but many of them are relevant only to certain log types. In this case, address group is only a relevant field for system event logs.

chall_FTNTAnswer

Staff

Report filtering lists all possible fields that can be filtered on but many of them are relevant only to certain log types. In this case, address group is only a relevant field for system event logs.

davidsteeleroseAuthor

New Member

If I wanted to group networks to be used in report filtering, is there another approach? Currently each network that is in our core Business Networks are given Address Group = Business Networks.

Is there another tagging method so that I can separate these networks from less important networks so that I can focus my reporting on Business Networks? Ideas?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded