FortiWeb
srajeswaran
Staff
Article Id 421740
Description: This article describes how to resolve the issue of missing data on the FortiWeb Cloud Threat Analytics Dashboard.
Scope: FortiWeb.
Solution:

Threat Analytics uses machine learning algorithms to identify attack patterns across application assets, aggregate them into security incidents, and assign severity. This feature separates real threats from informational alerts and false positives to prioritise critical threats.

 

The FortiWeb Threat Analytics dashboard is accessible at https://appsec.fortinet.com/. Use the credentials associated with the registered FortiWeb licenses to log in.

 

Steps to verify configuration:

  1. Verify that the Threat Analytics license is valid on FortiWeb under Dashboard -> Status -> Licenses widget.
  2. From Dashboard -> Status -> System Information, enable Threat Analytics and select OK in the pop-up window.
  3. Enable Attack Log under Log & Report -> Log Config -> Other Log Settings.
  4. Verify the Threat Analytics status under the Threat Analytics widget. Ensure the status is Connected, and Attack Log Forwarding is set to Allow.

 

The Threat Analytics Dashboard should begin populating data.

 

Network Connectivity:

If data remains unpopulated after performing the steps above, ensure the following FQDN/Ports are reachable from FortiWeb:

 

b-1-public.produseast1mskcluster.vbr44g.c24.kafka.us-east-1.amazonaws.com:9194
b-2-public.produseast1mskcluster.vbr44g.c24.kafka.us-east-1.amazonaws.com:9194
b-3-public.produseast1mskcluster.vbr44g.c24.kafka.us-east-1.amazonaws.com:9194
b-1-public.prodeucentral1mskcl.nxsovf.c5.kafka.eu-central-1.amazonaws.com:9194
b-2-public.prodeucentral1mskcl.nxsovf.c5.kafka.eu-central-1.amazonaws.com:9194
b-3-public.prodeucentral1mskcl.nxsovf.c5.kafka.eu-central-1.amazonaws.com:9194
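
The reachability check above can be scripted. The following is an added example, not Fortinet code: it assumes it is run from a host that shares the FortiWeb's outbound path (same DNS servers and egress firewall policy), and it tests only DNS resolution and the TCP connection, not the session FortiWeb establishes on top of it. The function names are hypothetical.

```python
import socket

# Broker endpoints copied from the list in this article (host:port per line).
ENDPOINTS = """\
b-1-public.produseast1mskcluster.vbr44g.c24.kafka.us-east-1.amazonaws.com:9194
b-2-public.produseast1mskcluster.vbr44g.c24.kafka.us-east-1.amazonaws.com:9194
b-3-public.produseast1mskcluster.vbr44g.c24.kafka.us-east-1.amazonaws.com:9194
b-1-public.prodeucentral1mskcl.nxsovf.c5.kafka.eu-central-1.amazonaws.com:9194
b-2-public.prodeucentral1mskcl.nxsovf.c5.kafka.eu-central-1.amazonaws.com:9194
b-3-public.prodeucentral1mskcl.nxsovf.c5.kafka.eu-central-1.amazonaws.com:9194
"""

def parse_endpoints(text):
    """Return [(host, port)] from host:port lines, skipping blank lines."""
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        host, _, port = line.rpartition(":")
        pairs.append((host, int(port)))
    return pairs

def check(host, port, timeout=5.0, connect=socket.create_connection):
    """Classify one TCP attempt so the failing layer is visible."""
    try:
        connect((host, port), timeout=timeout).close()
        return "reachable"
    except socket.gaierror:
        return "dns-failure"    # name did not resolve: check DNS settings
    except (socket.timeout, TimeoutError):
        return "timeout"        # no answer: typically an egress firewall drop
    except ConnectionRefusedError:
        return "refused"        # reset received: path exists, port rejected
    except OSError:
        return "unreachable"    # no route, network down, or similar

def report(text=ENDPOINTS, **kwargs):
    """Map each 'host:port' to its classification."""
    return {f"{h}:{p}": check(h, p, **kwargs) for h, p in parse_endpoints(text)}

if __name__ == "__main__":
    for endpoint, status in report().items():
        print(f"{status:12} {endpoint}")
```

A `timeout` on every broker points at an outbound policy blocking port 9194, while `dns-failure` points at the resolver configuration rather than the firewall.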

 

Debugging:

If the issue persists, collect the following debug logs and attach the output to a FortiWeb support ticket at the Fortinet Support portal:

 

diagnose system threat-analytics info
diagnose debug application wassd 7
diagnose debug application sslutil 7
diagnose debug application logd 7
diagnose debug enable

 

Capture the logs for 3-4 minutes. Use the following command to stop the debug:

 

diagnose debug disable

 

Related articles:

Analyzing attack logs in FortiWeb Cloud Threat Analytics 
Troubleshooting Tip: FortiWeb is not send the attack logs to Threat Analytics on FortiAppSec