Skip to main content
digitaltrance
digitaltrance
New Member
May 24, 2022
Question

Fortianalyzer Log View resolve destination IP

  • May 24, 2022
  • 2 replies
  • 5188 views

Hello all,

 

I am having  a hard time searching for and finding an answer for this question. I looked here and also reddit.

 

In FortiAnalyzer in Log View. Is there anyway to have the destination IP's resolve via DNS?

 

I have DNS configured and also enabled resolve-ip, no differences.

 

(setting)# show
config system fortiview setting
set resolve-ip enable
end

 

Any help would be great!

 

FortiAnalyzer 7.2

 

Thanks!

    2 replies

    Rathan_FTNT
    Staff
    Rathan_FTNT
    Staff
    May 24, 2022

    Hello,

     

    Please verify if the below settings are enabled on Fortigate level
    # config webfilter profile
        edit <profile-name>
            set log-all-url enable
            set extended-log enable
        end

      digitaltrance
      digitaltranceAuthor
      New Member
      May 24, 2022

      What if you are not using the web filter profiles/web filter inspection?

       

       

        EEHC
        EEHC
        Explorer III
        May 24, 2022

        I hope we meet for an installation.

        EEHC
        EEHC
        Explorer III
        May 24, 2022

        "config system fortiview setting"

        I use "?" in CLI and it helps in expecting the place where I may go.

         

        FortiGate01 # conf log
        custom-field Configure custom log fields.
        disk Configure disks.
        eventfilter Configure log event filters.
        fortianalyzer Configure first FortiAnalyzer device.
        fortianalyzer-cloud Configure cloud FortiAnalyzer device.
        fortianalyzer2 Configure second FortiAnalyzer device.
        fortianalyzer3 Configure third FortiAnalyzer device.
        fortiguard Configure log for FortiCloud.
        gui-display Configure how log messages are displayed on the GUI.
        memory Configure memory log.
        null-device Configure logging for statistics collection for when no external logging destination, such as FortiAnalyzer, is present (data is not saved).
        setting Configure general log settings.
        syslogd Configure first syslog device.
        syslogd2 Configure second syslog device.
        syslogd3 Configure third syslog device.
        syslogd4 Configure fourth syslog device.
        tacacs+accounting tacacs+accounting
        tacacs+accounting2 tacacs+accounting2
        tacacs+accounting3 tacacs+accounting3
        threat-weight Configure threat weight settings.
        webtrends Configure Web trends.

         

        From a point like this, you guess different directions to check. Then try them and you will find your goal.

        Terms & ConditionsAccessibility statement