Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssenthil
Staff
Staff

Created on ‎10-18-2022 03:59 PM

Article Id 227061

Troubleshooting Tip: Finding the User info that edited SSLVPN bookmark in web mode

Description

 

This article describes how to find the username who edited the SSLVPN bookmark in web mode using the event logs.

 

Scope

 

FortiGate.

 

Solution

 

Lets add the SSLVPN bookmark from the user's web portal. From the image, one can see that Fortinet is the SSLVPN user.

 

For example:

 

ssenthil_0-1666119311959.png

 

 New bookmark that was added looks something like this.

 

ssenthil_1-1666119311960.png

 

Go to log and report - > Events - > System events.

When logs are checked to verify username, the 'User' field is empty.

But the actual username can be found under the 'Event' field by keyword 'Config Object'.

 

ssenthil_14-1666119619434.png

 

For ref:

 

ssenthil_15-1666119619434.png

 

Similar information can be seen from Raw log or downloaded log.

 

For example:

 

date=2022-10-18 time=11:11:11 eventtime=1666116671698083054 tz="-0700" logid="0100044547" type="event" subtype="system" level="information" vd="root" logdesc="Object attribute configured" ui="sslvpnd" action="Edit" cfgtid=9306310 cfgpath="vpn.ssl.web.user-bookmark" cfgobj="fortinet#" cfgattr="bookmarks:test5[url[10.1.1.1]]" msg="Edit vpn.ssl.web.user-bookmark fortinet#"

Preview file
59 KB
Preview file
26 KB
Preview file
25 KB
Labels:
656
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.