Hi,
Anyone know how repeated log in FortiAnalyzer works?
For example, if I query a Youtube bandwidth usage using "where" filter as "hostname like '%googlevideo.com'"
It will return serveral results with different Application signatures. For example:
Like you can see, we have the same hostname for two different App's signature. These are different traffic and should be sum or are repeated traffic and I need just one?
I have the same doubts for others cases, for example:
If an user using Google Chrome access Facebook website, on Log we will see signatures match to HTTP.BROWSER_Chrome AND Facebook. I can sum both sessions/bandwidth usage?
Regards,
Paulo Raponi
Regards, Paulo Raponi
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.