Hi, All.
I have a some network on my office. This network is use a fortigate, i try to build some network monitoring with Elastiflow. Activate a netflow on my fortigate success, but i have some issue. Why on my network monitoring netflow is not show me a TCP Flags, such as SYN, RST, ACK, and other. The software elastiflow is good working, because i try to my other device such as MikroTik is they can show me TCP Flag types.
In my case, i need to show the connection with TCP Flag, because with them i can analysis some traffic port scanning or bruteforce with filter the TCP Flag (syn).
Any one can help me what the problems ?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
hello
please refer to the document regarding Netflow
https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/998643/netflow
TCP State is not supported with the FortiGate's netflow unfortunately. You can see all supported values here: https://docs.fortinet.com/document/fortigate/7.4.5/administration-guide/448589
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.