| Description |
This article describes how to view Security Fabric Rating Report for connecting FortiGate in FortiAnalyzer's FortiView and what it needs to take care of to display and present the data in FortiAnalyzer. |
| Scope | |
| Solution |
1) Make sure Security Fabric group is created in FortiGate itself under GUI -> Fabric Connectors -> Security Fabric Setup.
2) Make sure the FortiAnalyzer Device Manager detects and see the fabric group name.
3) In FortiGate, make sure log event filter for security rating is enabled as well as security rating run on scheduled is enabled. Both config are enabled by default.
# config log eventfilter set security-rating enable <----- end
# config system global set security-rating-run-on-schedule enable <----- end
4) Make sure the FortiAnalyzer is receiving event log for sub type: security-rating from the connecting FortiGate. View under Log View > FortiGate > Event > Security Rating.
5) If any of the sending log device have the Security Fabric group, the section of Fabric State of Security will be appeared in the left menu in the FortiView -> Monitors and it can be viewed with FortiView > Monitors > Fabric State of Security. It will be possible to see the Security Fabric Rating Report widget and its details.
 |
