Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Melon_Molusk
New Contributor

Created on ‎09-26-2022 11:52 AM Edited on ‎09-26-2022 01:08 PM

In which table in the DB I can find the data that is show in the Analytics section?

Hi, Im tring to retrieve some data from the Database, I need to get this events types:

 

PH_SYSTEM_EVENTS_PER_SEC
PH_SYSTEM_STORED_EVENTS_PER_SEC
PH_SYSTEM_SUMM_EVENTS_STORED_EPS
PH_SYSTEM_EVENTS_FWD_STAT
PH_SYSTEM_INTERNAL_EVENTS_PER_SEC
PH_SYSTEM_PERF_EVENTS_PER_SEC
PH_SYSTEM_IP_EVENTS_PER_SEC
PH_SYSTEM_DEVAPP_EVENTS_PER_SEC
PH_SYSTEM_EPS_GLOBAL
PH_SYSTEM_EPS_NODE
PH_SYSTEM_EPS_ORG
PH_PROF_ET_116_EPS

 

This types are listed in the "ph_event_type" table, but I need to get their histogram data like is shown in the GUI of fortisiem.

 

MicrosoftTeams-image.png

Labels:
851
0 Kudos
3 REPLIES 3
premchanderr
Staff
Staff

Created on ‎09-26-2022 08:38 PM

Hi @Melon_Molusk ,

 

The logs are stored not stored in cmdb, but in eventdb. Which is structured more like linux file system and not sql.  

 

You can run historical search using same condition system event category = 3 and add required filters. 

 

What is that you are looking for in backend that's not available in GUI > Analytics ?

Regards,
Prem Chander R
838
Melon_Molusk
New Contributor
In response to premchanderr

Created on ‎09-27-2022 12:53 PM

Hi @premchanderr , Thanks for you answer, I want to integrate with another plataform, I already get all incidents from the ph_incident table from the database, but now I need those analitycs metrics.

 

this eventdb is located in the server? (I dont have access yet so I have to ask for them), this are just logs? there is an API to make requests?

 

Thanks!

834
0 Kudos
premchanderr
Staff
Staff

Created on ‎09-29-2022 09:30 PM

Hi @Melon_Molusk ,

 

For API Integration of Events and Report:

https://docs.fortinet.com/document/fortisiem/6.6.2/integration-api-guide/451674/events-and-report-in...

 

Another method to forward syslog received in Fortisiem:

https://help.fortinet.com/fsiem/6-6-2/Online-Help/HTML5_Help/Event_Handling_Settings.htm?Highlight=e...

 

You can export event in backend to CSV:

https://help.fortinet.com/fsiem/6-6-2/Online-Help/HTML5_Help/appendix-exporting_events_to_files.htm?...

 

If you face any issue in these methods I would suggest you to open ticket with Fortinet TAC and an engineer would be glad to assist you. 

For any general query on these topics you are welcome to discuss here.

 

 

Regards,
Prem Chander R
820
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.