Fortinet FortiAnalyzer-100A, Руководство администратора

Страница: 123 / 162

Reports Configuring reports
FortiAnalyzer Version 3.0 MR3 Administration Guide
05-30003-0082-20060925
123
Filter logs Select None to not apply a filter to the logs in the report.
Select Include logs that match of the following criteria to
customize the filtering.
Include logs that
match Select the matching criteria for the filter.
Select all to include logs in the report that match all filter settings.
If information within a log does not match all the criteria, the
FortiAnalyzer unit will not include the log in the report.
Select any to include logs in the report that match any of the filter
settings. If any of the filter content, even one filter setting, matches
information in a log file, the FortiAnalyzer unit includes the log in
the report.
Priority Select the check box to enable the priority level filter options.
Set the priority level to look for in the logs and set whether the
information should be less than, greater than or equal to the
priority level.
Source(s) Enter the source IP address for the matching criteria. Use the
Alias list to select sources by name. For details on adding IP
Aliases, see “IP Aliases” on page 53 . Use a comma to separate
multiple sources.
Select Not to exclude the source IP address from the report. For
example, do not include any information from a specific source IP
address in the log report.
Destination(s) Enter the destination IP address for the matching criteria. Use the
Alias list to select sources by name. For details on adding IP
Aliases, see “IP Aliases” on page 53 . Use a comma to separate
multiple sources.
Select Not to exclude the destination IP address from the report.
For example, do not include any information from a specific
destination IP address in the log report.
You can filter on IP ranges, including subnets to report on groups
within the company. For example:
• 172.20.110.0-255 filters all IP addresses in the
172.20.110.0/255.255.255.0 or 172.20.110.0/24 subnet
• 172.20.110.0-140.255 filters all IP addresses from
172.20.110.0 to 172.20.140.255
• 172.16.0.0-20.255.255 filters all IP addresses from 172.16.0.0
to 172.20.255.255)
Interface(s) Enter the FortiGate interface you want to include in the report.
Separate multiple interface names with a comma.
Select Not to exclude the interface information from the report. For
example, do not include any information from a specific interface
in the log report.
User(s) Enter the user names to include in the report. Separate multiple
user names with a comma.
Group(s) Enter the user groups to include in the report. Separate multiple
groups with a comma. User groups are configured on the
FortiGate unit.
Virtual Domain(s) Enter the virtual domains (VDOM) to include in the report.
Separate multiple VDOMs with a comma.
Select Not to exclude the VDOM from the report. For example, do
not include any information from a specific VDOM in the log
report.
Policy ID(s) Enter the firewall policy ID numbers to include in the report. The
report will include the traffic information from the FortiGate firewall
policies in the logs. Separate multiple policy IDs with a comma.