Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
gaznaran
New Contributor

Created on ‎06-13-2023 01:12 PM

Traffic analysis with Fortinet or Fortianalyzer. Help.

hello, i am trying to find the fault between a workstation and a DB server. So I generated the following report with my firewall but I'm not sure if the results indicate that everything is good or bad. I would also like to ask for help to be able to evaluate the traffic between a workstation and a DB server using fortianalyzer which I cannot handle.

 

 

2023-06-13_17-10-27.png2023-06-13_17-10-38.png

Labels:
1201
0 Kudos
5 REPLIES 5
akristof
Staff
Staff

Created on ‎06-13-2023 11:47 PM

Hello,

What are the log details for this traffic/session?

Adrian
1168
0 Kudos
gaznaran
New Contributor
In response to akristof

Created on ‎06-14-2023 04:56 AM

Hello Akristof, I attached them in the previous post, in image mode but I'll give it to you in text.

 

# Date/Time Source/Device Destination Service Sent/Received User Application Security Action
1 06-13 15:28 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
2 06-13 15:26 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
3 06-13 15:26 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
4 06-13 15:24 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
5 06-13 15:24 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
6 06-13 15:22 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
7 06-13 15:21 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
8 06-13 15:20 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
9 06-13 15:19 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
10 06-13 15:18 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
11 06-13 15:16 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
12 06-13 15:16 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
13 06-13 15:14 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
14 06-13 15:14 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
15 06-13 15:12 10.10.135.89 10.10.100.10 PING 6.8 KB/7.0 KB PING
16 06-13 15:11 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
17 06-13 15:10 10.10.135.89 10.10.100.10 PING 7.0 KB/6.8 KB PING
18 06-13 15:09 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
19 06-13 15:08 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
20 06-13 15:06 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
21 06-13 15:06 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
22 06-13 15:04 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
23 06-13 15:04 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
24 06-13 15:02 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
25 06-13 15:01 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
26 06-13 15:00 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
27 06-13 14:58 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
28 06-13 14:58 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
29 06-13 14:56 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
30 06-13 14:56 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
31 06-13 14:54 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
32 06-13 14:53 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
33 06-13 14:52 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
34 06-13 14:51 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
35 06-13 14:50 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
36 06-13 14:48 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
37 06-13 14:48 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
38 06-13 14:46 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
39 06-13 14:46 10.10.135.89 10.10.100.10 HTTP 560.2 KB/2.2 MB HTTP
40 06-13 14:45 10.10.135.89 10.10.100.10 HTTP 161.0 B/676.0 B HTTP
41 06-13 14:44 10.10.135.89 10.10.100.10 HTTP 3.2 KB/1.4 KB HTTP
42 06-13 14:44 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
43 06-13 14:43 10.10.135.89 10.10.100.10 HTTP 171.8 KB/134.2 KB HTTP
44 06-13 14:42 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
45 06-13 14:41 10.10.135.89 10.10.100.10 HTTP 348.7 KB/14.8 KB HTTP
46 06-13 14:40 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
47 06-13 14:38 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP
48 06-13 14:38 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
49 06-13 14:36 10.10.135.89 10.10.100.10 PING 7.0 KB/7.0 KB PING
50 06-13 14:36 10.10.135.89 10.10.100.10 HTTP 3.1 KB/1.5 KB HTTP

 


Do you know any guide to be able to get the traffic with the FORTIANALYZER?

 

1152
0 Kudos
akristof
Staff
Staff
In response to gaznaran

Created on ‎06-14-2023 06:13 AM

Hello,

I've meant when you check details of single example log in FAZ, what it is saying?

Adrian
1146
0 Kudos
gaznaran
New Contributor
In response to akristof

Created on ‎06-15-2023 07:23 AM

Hello, I want to know if the behavior is normal. since I have packages that are sent and received less.

1129
0 Kudos
gaznaran
New Contributor
In response to akristof

Created on ‎06-15-2023 07:54 AM

Hello, I'll give you the log of the equipment and the traffic. I would like to know if there is any problem in these logs. https://www.mediafire.com/file/0r19d12gbyv4q8g/LOG+FORTIANALYZER.gz/file

1124
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.