FortiCloud update: ability to apply filters to Traffic logs removed
I just logged into FortiCloud for the first time in a few weeks. It appears to have been updated. The logs are now called "FortiView".
What I logged in to find is some traffic history for a particular port. However, the Traffic log no longer has a filter option! Yes, there is a new way to break down the data where it is ranked in four categories: Application, Source, Destination and Session. But in at least Session, there needs to be the ability to filter the results. I am looking for sessions on a specific port. There is no way to get to that data right now!
FortiCloud seems to keep undergoing significant changes with no advance warning and no communicated plan.
The lack of filters is making the product far less useful than before. Now it's impossible to do even simple things like look for blocked traffic from src-ip to dest-ip.
The UTM log category "Application Control" still seems to not be working. IPS is sometimes working.
I have a 60D with 5.0.7
The whole FortiCloud offering is being handled like a bit of a hobby by Fortinet. I upgraded to the paid 200GB service (as a test) to use it primarily for archiving web filter logs for security review.
This worked just fine until the latest update to the FortiCloud web site. Log data is still getting recorded, but the archived logs aren't available any longer, nor is there a way to download historical data.
Not really sure what the purpose of purchasing 200GB of storage is if there isn't a decent way to pull data back down from the site for deeper analysis.
Same here, I'm very frustrated about not being able to download the logs from the FortiCloud.
Though I found a small work-around:
In the FortiGate GUI, set show log from FortiCloud instead of Disk/Memory.
Let the logs load (depending on your memory pfff, go to the pages in the logs) and download them as raw data.
I already opened a ticket for a decent solution but they said that I should simply go for the FortiAnalyzer.