FortiInsight monitors endpoint activity in the form of events. It provides automated inspection and alerts against these events in the form of policy and Augmented intelligence (AI) based inspection.
Article Id 197295

Forensic Activity provides an overview of all the activity recorded by FortiInsight including; 

  • summary accounts of endpoints, users, applications, files, folders and activities

  • lists of the most seen applications and users

Alerts gives an overview of all alerts fired by FortiInsight, including;

  • the number of users who have breached policies

  • the number of policies that have been breached, and

  • a breakdown of how many alerts have been fired by each policy, or associated with specific tags

Data Flow provides an overview of;

  • how much data has been transferred into and out of your network, including the users and countries involved

  • a breakdown of the most seen file extensions to give you an idea of what types of data are being transferred

  • a daily breakdown of data transfer

Applications gives an overview of the key categories of application that have been seen in your network.