FortiGate
sbabu
Staff
Article Id 367334
Description

 

This article describes how to fetch malicious threat logs in the FortiGate firewall.

 

Scope

 

FortiGate.

 

Solution

 

FortiGate uses advanced threat protection (ATP) to protect organizations from cyberattacks and malware that aim to corrupt or steal sensitive data. 

 

Step 1: Enable the ATP widget.

Enable the ATP widget in the GUI to see the real-time logs. 

Go to Dashboard -> Status -> Add widget -> ATP.

 


 

Step 2:

Once the widget is enabled, try to upload or send any malicious file from a PC that is behind the FortiGate firewall.

 


 

While the upload is attempted, the FortiGate firewall scans the file in real time. If the file is malicious, the FortiGate firewall stops it from being sent, and the count is incremented in the ATP widget.

 

These logs can be seen under Log and report -> Security Events -> Antivirus.
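
To tally what the Antivirus log view shows once the logs have been exported as text, the following added example (not part of the original article and not Fortinet code) parses key=value log lines and counts blocked detections per source host. The sample lines are constructed, and the field names (type, subtype, action, srcip, filename, virus) and action values are assumed to follow the FortiOS key=value log format.

```python
import re
from collections import Counter

# Constructed sample lines (not from the article). Field names and action
# values are assumed to follow the FortiOS key=value log format.
SAMPLE_LOGS = """\
date=2024-01-10 time=09:15:02 type="utm" subtype="virus" eventtype="infected" level="warning" srcip=10.1.100.11 dstip=203.0.113.5 service="HTTP" action="blocked" filename="sample one.exe" virus="EICAR_TEST_FILE"
date=2024-01-10 time=09:16:40 type="utm" subtype="virus" eventtype="infected" level="warning" srcip=10.1.100.11 dstip=203.0.113.5 service="HTTPS" action="blocked" filename="eicar.com" virus="EICAR_TEST_FILE"
date=2024-01-10 time=09:20:11 type="utm" subtype="virus" eventtype="infected" level="warning" srcip=10.1.100.23 dstip=198.51.100.7 service="SMTP" action="monitored" filename="invoice.zip" virus="EICAR_TEST_FILE"
date=2024-01-10 time=09:21:00 type="traffic" subtype="forward" level="notice" srcip=10.1.100.23 dstip=198.51.100.7 action="accept"
"""

# A value is either "quoted" (may contain spaces) or a bare token.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Turn one key=value log line into a dict."""
    return {key: quoted or bare for key, quoted, bare in PAIR.findall(line)}


def antivirus_events(text):
    """Keep only antivirus records (type=utm, subtype=virus)."""
    events = (parse_line(l) for l in text.splitlines() if l.strip())
    return [e for e in events
            if e.get("type") == "utm" and e.get("subtype") == "virus"]


def summarize(events):
    """Count blocked detections per source IP and list anything not blocked."""
    blocked = Counter(e.get("srcip", "unknown") for e in events
                      if e.get("action") == "blocked")
    not_blocked = [e for e in events if e.get("action") != "blocked"]
    return dict(blocked), not_blocked


if __name__ == "__main__":
    blocked, not_blocked = summarize(antivirus_events(SAMPLE_LOGS))
    for src, count in sorted(blocked.items()):
        print(f"{src}: {count} blocked detection(s)")
    for e in not_blocked:
        print(f"REVIEW {e.get('srcip')} {e.get('filename')} action={e.get('action')}")
```

Detections whose action is anything other than blocked are listed separately, since those files were not stopped and the source host needs follow-up.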

 


 
