I deployed a CTAP at the customers location. it's the second time it's there. The first time botnets came forward, but when I finally got time to investigate the logs were already rotated.
So, I explained the customer my fu, and placed the CTAP ( 100-D ) again.
It was operational from 22-05-17 till 26-05-2017.
luckily the botnets were still there, the analyses showed it was.
downloaded the analyses from the CTAP portal, and went to the customer to get the 100-D backfor inspection ( raw logs ) and deliver the report to them.
Now delivering the report is not the problem, however reading the raw log is.
downloading all the logs, only intrusion-log and webfilter-log have KB's. the rest is all zero ( no text inside ).
I just hope I am doing something wrong here, altho no rocket science, I can't reach out to place the CTAP again.
The analysys /report is still available through the portal. I'm hoping the files maybe there.
any help is appreciated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.