Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kvoegele
New Contributor

Drilling down on the 'Alert message console'

Hey Guy's,

 

I am noticing consistent attempts to log into our device from our wan link (shown by the alert message console widget). I have not been able to figure out how to drill down and look at the IP that is trying to gain access. Any help would be greatly appreciated. 

 

For now I have blocked all telnet and ssh attempts to the wan link and have the https access limited to static public IP's.

 

Thanks in advance!

1 Solution
AtiT
Valued Contributor

Hello,

I think it should be logged under Event log -> System.

 

See the attached screenshot.

AtiT

View solution in original post

AtiT
2 REPLIES 2
AtiT
Valued Contributor

Hello,

I think it should be logged under Event log -> System.

 

See the attached screenshot.

AtiT

AtiT
kvoegele
New Contributor

Thanks for your help. You are correct I just need to add the 'login' filter.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors