Environment Context:
FortiClient EMS Cloud (7.0.6) -> FortiAnalyzer VM hosted (7.0.4)
I am trying to extract a report showing a breakdown of all our EMS endpoints, along with their installed and enabled features (av, fw, vuln, etc).
This is proving to be really difficult, but using the log viewer as a starting point, I get this query:
select `uid`, string_agg(distinct `user`, ' ') as user__agg_, string_agg(distinct `hostname`, ' ') as hostname__agg_, string_agg(distinct `epenfeatures`, ' ') as epenfeatures__agg_, string_agg(distinct `epfeatures`, ' ') as epfeatures__agg_ from ###(select `uid`, `user`, `hostname`, `epenfeatures`, `epfeatures` from $log where $filter group by `uid`, `user`, `hostname`, `epenfeatures`, `epfeatures` order by `uid` desc)### t group by `uid` order by `uid` desc
The problem I'm currently having is that many of these fields (especially 'epenfeatures') are returning empty for most endpoints, when I can clearly see that data in FortiClient EMS Cloud.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello t-admin,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Hello,
We are still looking for a solution to your question.
We will come back to you as soon as we got it.
Regards,
Hello,
I have found this document:
Could you please tell me if you can find helping information?
Regards,
Hi @Anthony_E , thanks for the link.
I have already tried using tags as shown in that document, and by using zero trust tags, but there are no rules for getting the installed features and custom tags would mean manually tagging every endpoint.
Hello t-admin,
No problem at all.
We will contine to look for a solution.
Regards,
Hello t-admin,
I am still looking for a solution.
Meanwhile, did you try to upgrade your units with the last version?
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1703 | |
1092 | |
752 | |
446 | |
229 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.