Hello all,
I am trying to generate my scheduled reports using the filter "Address Group" (addrgrp)
However, I am seeing unrealistic data on all charts that I use.
If I use "addrgrp" it provides me with data from everything, not specific to the group provided.
My question: Is it possible to generate reports using an Address Group UUID as the filter?
FortiGate: 2600F (HA)
Firmware version: v7.0.8 build 0418
Mode: NAT
Vfaz version: v7.2.1-build1215 220809 (GA)
Vfaz mode: Analyzer
Note that I am specifically looking to use the address group and not subnet(s).
Thank you for your time, and please let me know what info I've missed
Kind Regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't believe this is possible. An address group is a logical grouping of address objects on the FortiGate. Traffic and security logs generated by the FortiGate will only include IP and/or domain name of specific entries contained within the address group but will not make reference to the address group. Therefore I don't see how FAZ would be able to utilize the address group in filtering logs.
Thank you for the response, that makes sense.
Do you know if there is a way to group subnets in the filter?
Or what the limitation would be to include multiple subnets in one 'Source IP' filter?
Note that I have been trying to run the reports on multiple Policy ID's instead (is there also a limit?) and what exactly is the difference between: policyid | policy_id | poluuid?
I see different results when running each one as a filter so I thought using the Address Group would fix this problem for me.. (Screenshot below for comparison)
Thank you in advance for your assistance,
Kind Regards
I have no idea how you are getting policy_id as an option. I only have policyid.
Either way, let's try this from FortiView first and see if you get different results there.
Cna you go to FortiView->Traffic->Top Sources and put your filters in and compare there
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1545 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.