User report by time and usage

pcraponi · ‎12-21-2015

Hi,

Forticloud has a report that bring useful data for a customer... We need replicate this on FortiAnalyzer. It's possible?

Are a drill-down report by User, % of traffic usage on network, Time period (by hour), % of bandwidth usage on that hour and Traffic usage:

Has a dataset or macro with this kind of information?

Regards,

Regards, Paulo Raponi

hzhao_FTNT · ‎12-21-2015

Hi there , we don't have similar predefined chart/dataset, you have to create custom dataset like:

log type: traffic

select coalesce(nullifna(`user`), nullifna(`unauthuser`), ipstr(`srcip`)) as user_src, date_trunc('hour', from_itime(itime)) as hod, sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0)) as bandwidth from $log where $filter and logid_to_int(logid) not in (4, 7, 14) group by user_src, hod having sum(coalesce(sentbyte, 0)+coalesce(rcvdbyte, 0))>0 order by bandwidth desc

Then create a drilldown table chart, pls see attached screenshot for chart config.

Regards.

hz

pcraponi · ‎12-21-2015

Hi hzhao,

I've changed the order by to "hod" but the FAZ still ordering by bandwidth. You know why this behavior? I need an order by Date/Time. Follow the issue:

And... Drilldown only accept 3 fields, right? I want add the Requests of each hour

Regards, Paulo Raponi

hzhao_FTNT · ‎12-21-2015

Hi there,

Our drilldown table chart only support up to 3 columns and order by the 3rd column. This is hard coded and can't be customized by user.

Regards,

hz

pcraponi · ‎12-21-2015

and about the hod field not order by?

Regards, Paulo Raponi

hzhao_FTNT · ‎12-21-2015

It is the same thing. Order-by should be hidden for drill-down table chart, we have a bug for it.

User report by time and usage

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website