Hello. I'm very new to Fortinet products so please forgive me in advance. Under Security Events, on the summary page it says "No events" on everything, including AntiVirus. I have tested that the AntiVirus is working and logging events by going to eicar.org and trying to download their test files. If I click to view the AntiVirus logs, it does show those attempts were blocked. Why would it still show as "No events" in the summary? I tried changing to monitor instead of block; it lets the malware through and logs it, but that still does not show as a security event either.
The same thing goes for intrusion prevention. I see logs where connections were dropped to our webserver from the intrusion prevention protocols, but they do not show as an event either in the summary.
Any and all help would be greatly appreciated. Thank you.
Hello. So my issue seems to have been with the GLOBAL region website for FortiGate Cloud. I am not sure if they are having website issues. From Security Fabric->Fabric Connectors->Logging & Analytics->Logging Settings->Cloud Logging I disconnected my account and then logged back in. When I did, I saw it had a domain option. I left it as Global since that is what it defaulted to and what the cloud website was using previously. It still didn't work. So I disconnected it again and this time chose US and now everything works exactly how it should. That website looks and controls differently than the GLOBAL website. But anyway, now everything is working exactly like I had expected. I am seeing the summary and it's showing plenty of events now. Hope this helps anyone that has this problem in the future.
Created on 10-17-2023 08:45 AM Edited on 10-17-2023 08:49 AM
I don't have these options. Is it because I am on 7.4.1?
EDIT: To clarify, it is active but in the widget it says:
Status Activated
Log Retention Licensed
Storage Used 0 B
Sandbox Licensed
Yes that was just a guide based on old version just to try and compare.
But I say again: I do not have any of these options.
I was looking at my Security logs in the event viewer, and I have thousands of events, like user account management almost nonstop, like seconds apart of events. The ids I'm seeing are 5382, 5379 and 4798, over and over. With logon and special logon. There are other events but most of the events are those three IDs.
If your Fortinet summary page shows "No events" for Security Events and AntiVirus, but individual logs confirm that events are being recorded, it could be due to a configuration or display setting issue. Ensure that the logs are properly categorized and that the summary page settings are configured to display these logs correctly. It's similar to how Cannabis security solutions need proper setup to ensure all events are accurately tracked and displayed. Double-check the event severity filters and make sure they are set to include all relevant logs in the summary view.
Copyright 2024 Fortinet, Inc. All Rights Reserved.