Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jmillward
New Contributor

Fortigate displays config changes but Fortianalyzer can't pull report

Hi Guys,

 

I am using a Fortigate 900D on which I can see the logs of config changes by administrators by filtering on the log ID's 44544, 44545, 44546 and 44547.

 

 

We are also using a Fortianalyzer 400E on which I am trying to run a report to match on system events to match on cfgattr; cfgobj; and cfgpath but nothing is shown after running the report. All event logs are being sent to the FAZ. I have attached a screenshot of the Forti and the FAZ.

 

Any help would be most welcome!

 

Thanks,

 

Jonathan

2 REPLIES 2
dmcquade
New Contributor III

I don't see any values set in your 3 filters. Could that be the problem? From the log view, once you have the data filtered to your liking, save the query which you can then use in a report.

 

HTH

d

jmillward

Thanks,

 

I solved it by creating a dataset which pulls from the log and then created a chart that uses that dataset.

 

I found the following post very helpful https://forum.fortinet.com/tm.aspx?m=144882 

 

:)

Labels
Top Kudoed Authors