Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jimmykcherian
New Contributor II

Created on ‎09-22-2015 12:01 AM

Detailed report for all users per page

Dear All, this forum was helping me a lot, my question is previously our company was using ISA server and the reporting was pretty good and they need the same like report. Which is for each user they need to have site, category, hits, browsingtime, bandwidth. I tried preparing the report but the user will come on the left column and they need separate sheet for each user like in the attached report. This will be a great help if we can have it. Thank you for reading and helping me :)

Logs.JPG
Preview file
111 KB
7571
0 Kudos
1 Solution
jimmykcherian
New Contributor II

Created on ‎09-30-2015 01:00 AM

Dear , I hope you got the result now, I did some more modification as follows.

1) create dataset with the query "

select (coalesce(nullifna(`user`), 'Unknown') || ' (IP : ' || coalesce(ipstr(srcip), 'Unknown') || ' * SI : ' || coalesce(nullifna(`srcname`),nullifna(`srcmac`)) || ')') as user_src, root_domain(hostname) as hostname, sum($browse_time) as browsetime, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) and hostname is not null group by user_src, root_domain(hostname) having sum($browse_time)>0 order by user_src, hostname

"

2) create a chart library as attached and create a report with the chart

Let me know if you need more details.

 

 

 

View solution in original post

chart.JPG
Preview file
58 KB
4171
0 Kudos
6 REPLIES 6
hzhao_FTNT
Staff
Staff

Created on ‎09-22-2015 08:34 AM

Hi there, if predefined "User Report" doesn't work for you, maybe you can create a custom report, insert a macro "User Details", and add a custom chart below it. Run this report with each user filter.

 

Regards,

hz

4131
0 Kudos
jimmykcherian
New Contributor II

Created on ‎09-26-2015 11:16 PM

Dear Hz, Thank you so much for the prompt reply, I did a dataset as follows and on chart library I select drill down as I know I can have 3 columns but arranged it by the queries dummy data. I am posting the details here so u can rectify me and it can be helpful to others also.

 

select distinct coalesce(nullifna(`user`)) as user_src, hostname, catdesc, '-' as seperator, 'hits' as comments, count(1) as hits, sum($browse_time2) as browsetime, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) and hostname is not null group by user_src, hostname, catdesc having sum($browse_time2)>0 order by user_src, hostname, catdesc

4130
0 Kudos
pcraponi
Contributor II
In response to jimmykcherian

Created on ‎09-29-2015 11:21 AM

jimmykcherian wrote:

 

select distinct coalesce(nullifna(`user`)) as user_src, hostname, catdesc, '-' as seperator, 'hits' as comments, count(1) as hits, sum($browse_time2) as browsetime, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) and hostname is not null group by user_src, hostname, catdesc having sum($browse_time2)>0 order by user_src, hostname, catdesc

I'm using FortiAnalyzer 5.2.3 and your SQL give no results. I've created a dataset with Log Type TRAFFIC. What is you FAZ version?

Regards, Paulo Raponi

Regards, Paulo Raponi
4130
0 Kudos
hzhao_FTNT
Staff
Staff
In response to pcraponi

Created on ‎09-29-2015 11:37 AM

browse_time2 is based on webfilter logs. If webfilter profile on FGT is "Allow" instead of "Monitor", you won't see any data from this dataset. Please change $browse_time2 to $browse_time which is from traffic logs.

 

regards,

hz

4130
0 Kudos
jimmykcherian
New Contributor II

Created on ‎09-30-2015 01:00 AM

Dear , I hope you got the result now, I did some more modification as follows.

1) create dataset with the query "

select (coalesce(nullifna(`user`), 'Unknown') || ' (IP : ' || coalesce(ipstr(srcip), 'Unknown') || ' * SI : ' || coalesce(nullifna(`srcname`),nullifna(`srcmac`)) || ')') as user_src, root_domain(hostname) as hostname, sum($browse_time) as browsetime, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) and hostname is not null group by user_src, root_domain(hostname) having sum($browse_time)>0 order by user_src, hostname

"

2) create a chart library as attached and create a report with the chart

Let me know if you need more details.

 

 

 

chart.JPG
Preview file
58 KB
4172
0 Kudos
pcraponi
Contributor II

Created on ‎10-01-2015 07:29 AM

like a charm.... 

 

Thank you

Regards, Paulo Raponi

Regards, Paulo Raponi
4130
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.