Description | This article describes why the FortiGate FortiView widget 'FortiSandbox Files' does not display any records when the source has been configured to FortiGate Cloud. |
Scope | FortiGate, FortiSandbox Cloud, FortiGate Cloud. |
Solution |
FortiGate can be configured with an AntiVirus profile to submit files to FortiSandbox Cloud: Using FortiSandbox post-transfer scanning with antivirus Using FortiSandbox inline scanning with antivirus
When files are submitted to FortiSandbox Cloud, the FortiGate administrator will be able to check what files are being sent to FortiSandbox Cloud for inspection purposes:
In the FortiGate FortiView monitor widget, there is an option to show the scan result for files that have been submitted to FortiSandbox:
It is possible to configure multiple logging destinations on the FortiGate. In this setup, the FortiGate has been configured to save logs in the local disk and FortiGate Cloud. Hence, it is possible to obtain logs from both FortiGate or FortiGate Cloud:
When the source is selected as FortiGate Cloud, the FortiGate FortiView monitor returns an empty record and shows 'No results':
However, once the data source is changed to a local FortiGate disk, it is possible to retrieve the files submitted to be scanned:
This is an expected behavior as the FortiView 'FortiSandbox Files' monitor supports only local disk and FortiAnalyzer as its source. Cloud sources are not supported. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.