jmillward
New Member
March 28, 2018
Question

Fortigate displays config changes but Fortianalyzer can't pull report

Hi Guys,

I am using a Fortigate 900D on which I can see the logs of config changes by administrators by filtering on the log IDs 44544, 44545, 44546 and 44547.

We are also using a Fortianalyzer 400E on which I am trying to run a report to match on system events to match on cfgattr, cfgobj, and cfgpath, but nothing is shown after running the report. All event logs are being sent to the FAZ. I have attached a screenshot of the Forti and the FAZ.

Any help would be most welcome!

Thanks,

Jonathan

1 reply

dmcquade
New Member
April 11, 2018

I don't see any values set in your 3 filters. Could that be the problem? From the log view, once you have the data filtered to your liking, save the query which you can then use in a report.

HTH

d

jmillward (Author)
New Member
April 11, 2018

Thanks,

I solved it by creating a dataset which pulls from the log and then created a chart that uses that dataset.

I found the following post very helpful: https://forum.fortinet.com/tm.aspx?m=144882

:)
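
A dataset of the kind described in the last post, as an added example that is not part of the original thread: it assumes the dataset's log type is set to Event and uses FortiAnalyzer's `$log` and `$filter` dataset macros to match the four log IDs from the question. The columns other than cfgattr, cfgobj and cfgpath are assumptions about the event log schema.

```sql
-- Added example (not from the thread). Dataset log type: Event.
-- $log and $filter are FortiAnalyzer dataset macros: $log resolves to the
-- event log table, $filter applies the report's time period and device filter.
SELECT
    from_itime(itime) AS change_time,  -- assumed: FAZ receive time as a timestamp
    `user`            AS admin,        -- assumed column: administrator who made the change
    cfgpath,                           -- config section that was changed
    cfgobj,                            -- object within that section
    cfgattr,                           -- attribute values recorded for the change
    msg                                -- assumed column: event message text
FROM $log
WHERE $filter
  AND logid_to_int(logid) IN (44544, 44545, 44546, 44547)  -- log IDs from the question
ORDER BY itime DESC
```

A table chart built on this dataset can then be added to the report, which is the dataset-then-chart route the last post describes.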