Dropbox service can be accessed using a web browser or a host-based app.
Does Application Control "Dropbox" apply to traffic from web browser, host-based app or both?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi HoMing,
> I looked at the spreadsheet and everything looks right to me.
Oh, please do explain why list of destinations over last 3 days is fewer than that that over last 1 day (68 vs 71).
> If SNI was not included ... id-at-commonName of the SSL Certificate
We don't do deep-inspection. In this case, what would "hostname" field show? (Better still, a hyperlink to relevant documentation?)
R's, Alex
>>Oh, please do explain why list of destinations over last 3 days is fewer than that that over last 1 day (68 vs 71).
Can you do the filtering on your FortiAnalyzer, download the logs and send them to me? I dont see it in the ticket. The 2 images for 7day and 1day are the same.
>>We don't do deep-inspection. In this case, what would "hostname" field show?
It will still be the id-at-commonName of the SSL Certificate. The engine does not need to do deep-inspection to see the commonName.
> The 2 images for 7day and 1day are the same.
My mistake. However, the pictures are only proof that data in spreadsheet is genuine - the actual data is in multiple "sheets" (or "tabs") of the spreadsheet.
> Can you do the filtering on your FortiAnalyzer
Could you please see Ticket #2159670's "2017-05-01 18:24:00 (PT)" and "2017-05-02 01:30:00 (PT)" entries.
Hi Alex,
Okay, I see it now. Yes, it does look unusual for the 2 days log to have more entries than the 3 days log. Can I know what is your FortiAnalyzer version? I checked with the developers and there is a bug with inaccurate FortiAnalyzer log results for version 5.2.6 and below and 5.4.0. Are you using any of the versions mentioned?
Hi HoMing,
> I checked with the developers and there is a bug with inaccurate FortiAnalyzer log results for version 5.2.6 and below and 5.4.0.
We're on "v5.2.4-build0738 150923 (GA)". Since this matches "version 5.2.6 and below", I see no point in further analysis since the advice will always be to update, agree?
Additionally, in the Ticket I've asked: "how can I retrieve the file output of a command "execute tac report" specified with a filename?" as both CLI Reference Guide and command line documents the option, however, not how to retrieve the resulting file.
R's, Alex
Hello Alex,
>>We're on "v5.2.4-build0738 150923 (GA)". Since this matches "version 5.2.6 and below", I see no point in further analysis since the advice will always be to update, agree?
Unfortunately, yes. In some cases, we can improvise some ways to get around bugs, but not this one.
>>Additionally, in the Ticket I've asked: "how can I retrieve the file output of a command "execute tac report" specified with a filename?" as both CLI Reference Guide and command line documents the option, however, not how to retrieve the resulting file.
If you are using a software like PuTTy, it will save the output to a file. If you are using a Unix terminal, you can execute the command as such: "ssh admin@xx.xx.xx.xx > out.txt". This will save the logs to the output file. You cant do this on the GUI as you wont be able to save the output automatically as the logs are generated.
HoMing
Hi HoMing,
>>Additionally, in the Ticket I've asked: "how can I retrieve the file output of a command "execute tac report" specified with a filename?" as both CLI Reference Guide and command line documents the option, however, not how to retrieve the resulting file.
> If you are using a software like PuTTy, it will save the output to a file. let's not divert - I'm not asking for a workaround, I'm specifically referring to parameter documented in FortiAnalyzer CLI Reference Guide (in 5.2.4, page 146):
tac Use this command to run a TAC report. Syntax execute tac report [< file_name>] Variable Description < file_name> Optional output file nameand, on my device's command prompt:
FAZ3000E # execute tac report ? output file name Optional output file name.
The question is - how to retrieve the file "my_tac_report" created as a result of issuing command "execute tac report my_tac_report"?
R's, Alex
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.