Hello,
I have a fortianalyzer on version 5.2.7. I'd like to see what the top services (https, smtp, ftp, etc) are every hour over the course of a day, and how much bandwidth each is using per hour. Is there a custom dataset, or might someone help me create one, which will allow me to view the top 5 or so applications / services in use broken down by bandwidth and hour of day?
Thanks for any help.
Hi there,
Please try below dataset:
select $hour_of_day as hod, service, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) group by hod, service having sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0))>0 order by bandwidth desc
The time format of $hour_of_day is like 10:00. If you need time with specific date like 2000-01-01 10:00, change $hour_of_day to $HOUR_OF_DAY.
Now you can create a "drilldown" table chart based on this dataset.
Regards,
hz
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
