Hello! Could you please help me with creating custom report templates.
I want to create report with specific columns (example is in attached file).
And one more question - Can I add to report some of Active Directory atributes?
tel +7 7222 600006
fax +7 7222 604740
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
In most cases, we can not see HOSTNAME of the user PC in log. Maybe you can select srcip in dataset, then enable "Resolve Hostname" in chart setting. If the srcip can be resolved by your DNS, then you will see hostname in report output.
Please try:
select to_char(from_dtime(dtime), 'dd.mm.yyyy') as daystamp, coalesce(nullifna(`user`), nullifna(`unauthuser`), 'N/A') as user_src, coalesce(`srcname`, ipstr(`srcip`)) as dev_src, catdesc, hostname as website, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and hostname is not null and logid_to_int(logid) not in (4, 7, 14) and (countweb>0 or ((logver is null or logver<52) and (hostname is not null or utmevent in ('webfilter', 'banned-word', 'web-content', 'command-block', 'script-filter')))) group by daystamp, user_src, dev_src, catdesc, website order by daystamp desc, bandwidth desc
Not sure which attribute of AD do you need. We do support ldap filter for report, so you can add group filter based on AD.
regards,
hz
Hello. It's very usefull and looks great!
But one more question - Could we add to report the HOSTNAME of the user PC?
In most cases, we can not see HOSTNAME of the user PC in log. Maybe you can select srcip in dataset, then enable "Resolve Hostname" in chart setting. If the srcip can be resolved by your DNS, then you will see hostname in report output.
Ok. Thanks.
Last question: In report filter we can choose only two parameters (Equals or Not Equals). We need filter all bandwidth results less than 1MB from report. Is it possible?
Hi there,
It is not possible to make a report/chart filter with less or greater. To filter out session less than 1MB, you have to put this filter in SQL query. For example, select **** from **** group by **** having sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) >= 1048576 order by ****
regards,
hz
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1518 | |
1018 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.