FortiAnalyzer

Version: FortiAnalyzer 4.0, 5.0 and later.

FortiAnalyzer logs and analyzes aggregated log data from Fortinet devices and other syslog-compatible devices. Netsurion examines this collection of logs and leverages machine learning to identify critical events, suspicious network traffic, configuration changes and user behaviour analytics.

Netsurion Enterprise gathers and examines the acquired logs to identify administrator logon, network file sharing, resources monitored, and devices added, changed and modified.

Netsurion Data Source Integration for FortiAnalyzer allows you to monitor the following:

  • Operations - Backup and restore activity, Device management, Resource monitoring, User management, System management and Network share management.
  • Security - IPsec activity.
  • Compliance - Administrator logon activity, Administrator logon failed activity and Configuration changes activity.

Once FortiAnalyzer is configured to deliver events to Netsurion Manager, Alerts, Dashboards and Reports can be configured in Netsurion.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type | Name | Description
Operations | FortiAnalyzer - Administrator deleted a device | This alert is generated when an administrator deletes a device.
Operations | FortiAnalyzer - Removed a disk from RAID array | This alert is generated when an administrator removes a disk from the RAID array.
Compliance | FortiAnalyzer - User logon failed | This alert is generated when an administrator's attempt to log in to the web-based manager via the GUI or CLI fails.

Reports

Type | Name | Description
Security | FortiAnalyzer - IPsec activity | This report provides information related to IPsec VPN connections and includes columns such as Local IP, Local Port, Remote IP, Remote Port, Outbound Interface, Action, Initiated, Mode, Direction, and Status.
Operations | FortiAnalyzer - Backup and restore activity | This report provides information related to backup, restore, reboot and upload activity and includes columns such as User Name, User Interface, Action, Status and Message Details.
Operations | FortiAnalyzer - Device management | This report provides information related to devices added, deleted, renamed, changed, registered and unregistered and includes columns such as User Name, User Interface, Source IP, Action, Status and Message Details.
Operations | FortiAnalyzer - Resource monitoring | This report provides information related to resource usage and includes columns such as Status and Message Details.
Operations | FortiAnalyzer - User management | This report provides information related to user profiles accessed, deleted or changed and includes columns such as User Name, User Interface, Source IP, Status and Message Details.
Operations | FortiAnalyzer - System management | This report provides information related to bootup, downgrade, migration, log deletion and archive deletion and includes columns such as User Name, User Interface, Source IP, Action, Status and Message Details.
Operations | FortiAnalyzer - Network share management | This report provides information related to network-attached storage and network file sharing and includes columns such as User Name, User Interface, Source IP, Status and Message Details.
Compliance | FortiAnalyzer - Administrator logon activity | This report provides information related to user login and logout and includes the User Name, User Interface, Source IP, Action, Status and Reason fields.
Compliance | FortiAnalyzer - Administrator logon failed | This report provides information related to login failures and includes columns such as User Name, User Interface, Source IP, Action, Status and Reason.
Compliance | FortiAnalyzer - Configuration changes activity | This report provides information related to changes to the authentication server and includes columns such as User Name, User Interface, Source IP, Status and Message Details.

Documentation

The configuration details are consistent with Netsurion Enterprise version 7.X and later, and FortiAnalyzer 4.0, 5.0 and later.

Download the Integration Guide for more information.