Please help - I do not understand how or where to check for logs

Forum|Forum|8 years ago
December 20, 2017
1 reply
4883 views

Hello Everyone:

On my Fortigate 60E, I do not understand how the traffic is logged. For example, I am seeing some peaks on the dashboard at certain hours, and I just cannot find the way to relate those peaks to any connection or device or IP, even though I see the sources and destinations list. Maybe there is some other screen and I cannot find it.

Can anybody please help, I am new to managing this brand of devices.

Thank you.

oheigl

New Member

In the FortiView > All Sessions you should be able to sort by the current throughput. The traffic logs only will not assist you in this case, because if there is for example a software, which always uses the same session and doesn't close it, you will not see it in the log till the connection is closed.

Maybe you can try to set up a netflow/sflow analyzer, I guess this would help

ux_guy_FTNT

New Member

Hi quirogaca,

Welcome & glad to have you using our products.

It is possible to select a timeframe within the widget, it will then prompt you to view either sources or destinations in FortiView.

Did this help you track down the reason for the spike?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded