Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pcraponi
Contributor II

User report by time and usage

Hi,

 

Forticloud has a report that bring useful data for a customer... We need replicate this on FortiAnalyzer. It's possible?

 

Are a drill-down report by User, % of traffic usage on network, Time period (by hour), % of bandwidth usage on that hour and Traffic usage:

 

 

 

Has a dataset or macro with this kind of information?

 

 

Regards,

 

Regards, Paulo Raponi

Regards, Paulo Raponi
5 REPLIES 5
hzhao_FTNT
Staff
Staff

Hi there , we don't have similar predefined chart/dataset, you have to create custom dataset like:

log type: traffic

select coalesce(nullifna(`user`), nullifna(`unauthuser`), ipstr(`srcip`)) as user_src, date_trunc('hour', from_itime(itime)) as hod, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) group by user_src, hod having sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0))>0 order by bandwidth desc

Then create a drilldown table chart, pls see attached screenshot for chart config.

 

Regards.

hz

 

 

pcraponi

Hi hzhao,

 

I've changed the order by to "hod" but the FAZ still ordering by bandwidth. You know why this behavior? I need an order by Date/Time. Follow the issue:

 

And... Drilldown only accept 3 fields, right? I want add the Requests of each hour

 

Regards, Paulo Raponi

Regards, Paulo Raponi
hzhao_FTNT

Hi there,

 

Our drilldown table chart only support up to 3 columns and order by the 3rd column. This is hard coded and can't be customized by user. 

 

Regards,

hz

pcraponi

and about the hod field not order by?

Regards, Paulo Raponi

Regards, Paulo Raponi
hzhao_FTNT

It is the same thing. Order-by should be hidden for drill-down table chart, we have a bug for it.

Labels
Top Kudoed Authors