Report about policy hits: srcip+dstip+proto+port (FAZ/FMG)
Hello all, because I want to optimize some roughly builded policies on our firewalls, I need an overview about actual communications, that are passing through some policies in a 3 month history review. I thought about to use the report feature of the FortiAnalyzer (2000E, v5.6), but didn't find an proper template. I would like to see all sessions cumulated in a socket manner per policy ID, that means, source-ip + destination-ip + protocol + port, and optional the amount of such individual sessions.
Is there such a template available, or can anyone share such a template? Or do you have another idea, how to evaluate those informations? Fortimanager 6.2.5 is also available.