FortiAnalyzer Application Logs

Questions and Answers

Which type of logs are available in FortiView?

Analytics logs

What can you investigate using the FortiView pane?

Traffic activity

What does the Top Threats widget display?

The top 100 threats

What can you find by double-clicking on a threat entry in the Top Threats widget?

Source IP addresses

What does a virtual machine with a compromised MAC address indicate?

A compromised host

What does the IOC engine in FortiAnalyzer detect?

Suspicious web usage compromises

What does the breach detection engine in FortiAnalyzer analyze?

Web filter logs

What does the threat score indicate in FortiAnalyzer?

The severity of the threat

What does the verdict 'Infected' indicate in FortiAnalyzer?

A real breach

What does the verdict 'Highly Suspicious' indicate in FortiAnalyzer?

A possible breach

Which logs are accessible in the Log View under each A-dom in FortiAnalyzer?

Application logs

What can administrators view in the root A-dom in FortiAnalyzer?

Both local event logs and application logs

What do the logs at the bottom indicate in FortiAnalyzer?

Both playbook task failures and logs from FortiADC device

What is FortiView in FortiAnalyzer?

A comprehensive monitoring system

What can be disabled to tune performance in FortiAnalyzer?

FortiView module

What does the FortiView pane in FortiAnalyzer integrate into single, summary views?

Real-time and historical data

What type of logs are displayed in FortiView?

Real-time logs only

What is the purpose of the Monitors pane in FortiView?

To display dashboards for NOC-SOC

What happens when the FortiView module is disabled in FortiAnalyzer?

Both FortiView is hidden from the GUI and background processing stops for FortiView

Where can administrators find the data analysis for each A-dom in FortiView?

FortiView pane