Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AlexFeren
New Contributor III

Fortigate Application Control "Dropbox" excludes web-based access?

Dropbox service can be accessed using a web browser or a host-based app.

Does Application Control "Dropbox" apply to traffic from web browser, host-based app or both?

26 REPLIES 26
AlexFeren
New Contributor III

Hi HoMing,

> I looked at the spreadsheet and everything looks right to me.

Oh, please do explain why list of destinations over last 3 days is fewer than that that over last 1 day (68 vs 71).

 

> If SNI was not included ... id-at-commonName of the SSL Certificate

We don't do deep-inspection. In this case, what would "hostname" field show? (Better still, a hyperlink to relevant documentation?)

R's, Alex

hmtay_FTNT

>>Oh, please do explain why list of destinations over last 3 days is fewer than that that over last 1 day (68 vs 71).

 

Can you do the filtering on your FortiAnalyzer, download the logs and send them to me? I dont see it in the ticket. The 2 images for 7day and 1day are the same. 

 

>>We don't do deep-inspection. In this case, what would "hostname" field show?

 

It will still be the id-at-commonName of the SSL Certificate. The engine does not need to do deep-inspection to see the commonName.

AlexFeren
New Contributor III

> The 2 images for 7day and 1day are the same.

 

My mistake. However, the pictures are only proof that data in spreadsheet is genuine - the actual data is in multiple "sheets" (or "tabs") of the spreadsheet.

 

> Can you do the filtering on your FortiAnalyzer

 

Could you please see Ticket #2159670's "2017-05-01 18:24:00 (PT)" and "2017-05-02 01:30:00 (PT)" entries.

 

 

hmtay_FTNT

Hi Alex,

 

Okay, I see it now. Yes, it does look unusual for the 2 days log to have more entries than the 3 days log. Can I know what is your FortiAnalyzer version? I checked with the developers and there is a bug with inaccurate FortiAnalyzer log results for version 5.2.6 and below and 5.4.0. Are you using any of the versions mentioned?

AlexFeren
New Contributor III

Hi HoMing,

>  I checked with the developers and there is a bug with inaccurate FortiAnalyzer log results for version 5.2.6 and below and 5.4.0.

 

We're on "v5.2.4-build0738 150923 (GA)". Since this matches "version 5.2.6 and below", I see no point in further analysis since the advice will always be to update, agree?

 

Additionally, in the Ticket I've asked: "how can I retrieve the file output of a command "execute tac report" specified with a filename?" as both CLI Reference Guide and command line documents the option, however, not how to retrieve the resulting file.

R's, Alex

 

 

hmtay_FTNT

Hello Alex,

 

>>We're on "v5.2.4-build0738 150923 (GA)". Since this matches "version 5.2.6 and below", I see no point in further analysis since the advice will always be to update, agree?

 

Unfortunately, yes. In some cases, we can improvise some ways to get around bugs, but not this one.

 

>>Additionally, in the Ticket I've asked: "how can I retrieve the file output of a command "execute tac report" specified with a filename?" as both CLI Reference Guide and command line documents the option, however, not how to retrieve the resulting file.

 

If you are using a software like PuTTy, it will save the output to a file. If you are using a Unix terminal, you can execute the command as such: "ssh admin@xx.xx.xx.xx > out.txt". This will save the logs to the output file. You cant do this on the GUI as you wont be able to save the output automatically as the logs are generated.

 

HoMing

AlexFeren
New Contributor III

Hi HoMing,

 

>>Additionally, in the Ticket I've asked: "how can I retrieve the file output of a command "execute tac report" specified with a filename?" as both CLI Reference Guide and command line documents the option, however, not how to retrieve the resulting file.

> If you are using a software like PuTTy, it will save the output to a file. let's not divert - I'm not asking for a workaround, I'm specifically referring to parameter documented in FortiAnalyzer CLI Reference Guide (in 5.2.4, page 146):

tac Use this command to run a TAC report. Syntax execute tac report [< file_name>] Variable Description < file_name> Optional output file name
and, on my device's command prompt:

FAZ3000E # execute tac report ? output file name Optional output file name.

 

The question is - how to retrieve the file "my_tac_report" created as a result of issuing command "execute tac report my_tac_report"?

R's, Alex

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors