FortiAnalyzer Version 3.0 MR3 Administration Guide
146 05-30003-0082-20060925
Search the network traffic logs Network Analyzer
Filtering tip
When filtering by source or destination IP, you can use the following in the filtering
criteria:
• a single address (2.2.2.2)
• an address range using a wild card (1.2.2.*)
• an address range (1.2.2.1-1.2.2.100)
You can also use the boolean operator "or" to indicate multiple choices:
• 1.1.1.1 or 2.2.2.2
• 1.1.1.1 or 2.2.2.*
• 1.1.1.1 or 2.2.2.1-2.2.2.10
Search the network traffic logs
The FortiAnalyzerunit provides search capabilities to help you locate specific
information within the stored network traffic log files. The FortiAnalyzer interface
provides two searches:
• Basic search
• Advanced search
Basic search
The basic search performs a simple search of the network traffic log files on the
FortiAnalyzer unit. The FortiAnalyzer unit maintains a search history for reference
should you need to use the search keywords again.
To perform a search, go to Tools > Network Analyzer > Search. Enter the
keywords for the search and select Search. Separate multiple keywords with a
space.
For example:
Search results appear below the search entry fields.
Advanced search
The advanced search provides a more robust search facility, with more options to
narrow your search criteria.
To perform an advanced search, go to Tools > Network Analyzer > Search, and
select Advanced search.
The search is case-insensitive. Use the “*” character as a wild card.
Figure 72: FortiAnalyzer advanced search
Search for IP address 10.10.10.1
Search for Information arp who-has 10.10.10.1
To Next Page
Loading...