Description
This article describes how to run a custom report on a FortiAnalyzer with the Chart Builder tool.
Scope
Any supported version of FortiAnalyzer.
Solution
Make sure to receive the logs on the FortiAnalyzer so that it can be used to generate reports.
Visit Fortinet's Knowledge Base here for reference.
Select a value to run the report in the log view section. Below is an example of report performed on a 192.168.100.1 source IP and with the DNS protocol.
Select any columns desired to see them in the chart report as follows:
Select the Chart Builder tool from the actions submenu:
Select the columns desired to integrate in the Chart Builder tool (a maximum of 5 may be selected) and run the preview. Give the chart a name and save it.
The 'show Limit' option in the chart limits the number of entries(rows/lines) to be displayed in the report. '0' shows all entries. The configured value can vary like 10,50,100,1000, or whatever value may be required for that specific chart.
(Note: Default charts cannot be edited.)
Create the report and go in the Layout section:
Select Insert Chart and navigate to the report created using the Chart Builder tool.
Save and run the report:
The report can be viewed in different formats such as HTML and PDF. It can be also sent by mail.
Troubleshooting:
If a problem occurs, run the report in the CLI and send it using the following steps:
exe tac report
exe sql-report list-schedule <adom>
exe sql-report list <adom>
exe sql-report run <adom> <report ID>
exe sql-report view report-data <adom> "name of the report"
Related article:
Technical Tip: Create a custom report using Chart Builder Tool from Log View
