user log audit

Question

Seeking your help based on the information needed. I have my AD server installed in Win 2019. Using Analytics what I can get is users windows log on/log off events only. I need to generate the ff information.

1. Lists of user/s changed their password

2. Lists of account nearing to expire 3. Lists of user/s access history (user(x) may use file sharing to access folder and files, telnet or ssh to other devices)

Hoping anyone could share their procedure.

Thank you

xsilver_FTNT · Answer

Hi Fullmoon,

if you want that log from AD, then I'm afraid you might be on a wrong place. As this is forum on products of Fortinet, not Microsoft.

However, if those actions were made through FortiGate, for example password change propagated through user authentication from AD to for example SSL VPN Web portal logon on FortiGate. Then you can get more details from Log & Report on FortiGate's GUI (or via CLI 'exec log...'). Pay attention to "Events" sub-logs.

Anyway, more info about log types can be found here : https://docs.fortinet.com/document/fortigate/7.2.1/fortios-log-message-reference/524940/introduction

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded