Hi,
I am hoping someone can help me out in setting up a custom report, I am struggling to get the right data out.
I am not after anything too complex, simply a report to show:
[ul]Now, there are default reports showing similar information (such as showing top categories by sessions, just not top sessions per category) so I know this should be possible but being quite new to the Analyser I am not quite sure how!
Thanks in advance,
Phill
Hello,
How about below dataset ?
SELECT coalesce(nullifna(`user`), nullifna(`unauthuser`), ipstr(`srcip`)) AS "Source", appcat AS "Application", hostname AS "Host", count(*) AS "Sessions"
FROM $log
WHERE $filter AND nullifna(appcat) is not null AND nullifna(hostname) is not null
GROUP BY "Application" , "Source", "Host"
ORDER BY "Sessions" desc
LIMIT 20
Let me know if this works for you.
Cheers
Thanks for the update, apologies for the delay in responding.
I have configured the dataset as above however I am unsure how to apply this to a report! As mentioned, I'm new to the Analyser and there doesn't appear to be a great deal of documentation online about setting up these reports and utilising datasets.
Hello,
[ul]
Since you are new to the Fortinet's world , I would strongly suggest you review [link=https://docs.fortinet.com/uploaded/files/4592/FortiAnalyzer-6.0.2-Administration-Guide.pdf]FortiAnalyzer Administration Guide -section Reports from page 93[/link] .
I have also attached a very brief graph for you.
Rate my post if you find it helpful .
*** This is just a very general overview. If you need more explanation you can either create a ticket with Fortinet support or take the NSE5 courses (FAZ section)
Cheers
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.