- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Web filter reporting
We are using Web filtering in EMS. Is there a way to get a report of where someone click pass the warning about a bad site?
Solved! Go to Solution.
- Labels:
-
FortiClient EMS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I put in a support ticket.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello atravel,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We are still looking for an answer to your question.
We will come back to you ASAP.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am still looking for an answer.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To track instances where users have bypassed these warnings:
-
Logging: First, ensure that FortiClient logging is appropriately configured to capture web filtering events, especially ones where users choose to bypass warnings.
-
EMS Configuration:
- Navigate to the EMS dashboard.
- Look for the relevant logging or reporting section. This might be under "Logging & Reports" or a similar menu.
- Configure the EMS to collect logs from the FortiClient installations regarding web filter events.
-
Generate Reports:
- Once the EMS is collecting the appropriate logs, you can generate reports based on this data.
- You might be specifically looking for events where the action was "bypass" or "allow after warning" or a similar event label.
- Depending on your EMS version and configuration, you might be able to schedule regular reports or generate them on-demand.
-
FortiAnalyzer Integration (Optional):
- If you have a FortiAnalyzer in your environment, you can forward logs from EMS to FortiAnalyzer.
- FortiAnalyzer provides a comprehensive platform for log analysis and reporting, which can help you create detailed reports regarding web filter bypass events.
-
Alerts: Consider setting up alerts in the EMS for such bypass events. This way, administrators can be immediately notified when such an action occurs.
-
Review and Update Policies: If you notice that users are frequently bypassing certain categories or specific websites, it might be an opportunity to review your web filtering policies. Maybe there's a legitimate reason users need access to certain sites, or perhaps the category is too broad.
Remember, the exact steps and options might vary depending on the version of EMS you are using and how it's configured. If you're unsure about any step or need detailed guidance, the Fortinet documentation for your specific EMS version or Fortinet's support resources can be valuable.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We use version 7.2.1.0793, and can't find a place to "ensure that FortiClient logging is appropriately configured to capture web filtering events, especially ones where users choose to bypass warnings."?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I put in a support ticket.