hi,
do a search in the KB (kb.fortinet.com) for "fortianalyzer report".
See as example https://kb.fortinet.com/kb/documentLink.do?externalID=FD44745
Then, as reports are based on datasets, you may find this interesting:
https://docs.fortinet.com/document/fortianalyzer/6.4.4/dataset-reference
In general, use FAZ interactively, that is, filter data as you wish, create a chart, and save the result as a report. Only if you have more requirements than which are offered in the GUI, and you speak SQL fluently, you turn to datasets and macros and create your reports from scratch, as scripts.
HTH.
here's an example of a FAZ script:
SELECT user_src,
domain,
browsetime
FROM ###(
SELECT
coalesce(nullifna(`user`), IPSTR(`srcip`)) as user_src,
sum($browse_time) as delta,
sum($browse_time) as browsetime,
coalesce(root_domain(hostname), 'unknown') as domain
FROM $log
WHERE $filter
GROUP BY
user_src, domain having sum($browse_time)>0
ORDER BY
delta ASC)### t
GROUP BY user_src, domain, browsetime
ORDER BY user_src, browsetime DESC
from [link]https://forum.fortinet.com/tm.aspx?m=107233[/link]
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.