Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Mohammedsalhi
New Contributor II

Created on ‎08-23-2025 03:58 AM

FortiWeb User Tracking not matching the requested URL

Dear Team ,

 

Using the following http://testasp.vulnweb.com/, I'm attempting to set up user tracking so that I can see the username in the logs and use brute force based on the username attampts rather than the session. However, it is not working, so I'm not sure what the problem might be.

This screen shot may be helpful.11.jpg

Labels:
131
0 Kudos
3 REPLIES 3
funkylicious
SuperUser
SuperUser

Created on ‎08-23-2025 05:48 AM

hi,

did you follow the guide as for setting user tracking like for example described here, https://docs.fortinet.com/document/fortiweb/7.0.3/administration-guide/902681/tracking ?

"jack of all trades, master of none"
"jack of all trades, master of none"
116
Mohammedsalhi
New Contributor II
In response to funkylicious

Created on ‎08-25-2025 06:00 AM

Yes but it did not match the username.22.jpg

69
0 Kudos
funkylicious
SuperUser
SuperUser
In response to Mohammedsalhi

Created on ‎08-25-2025 09:08 PM

i would try with Authentication URL as /login , Logoff path as /logout and for Auth Result condition table, i would configure as per https://help.fortinet.com/fweb/561/Content/FortiWeb/fortiweb-admin/user_tracking.htm 

"jack of all trades, master of none"
"jack of all trades, master of none"
49
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.