Fortinet FortiAnalyzer-100A - Real-time log viewer; Historical log viewer

To Next Page

To Previous Page

FortiAnalyzer Version 3.0 MR3 Administration Guide

78 05-30003-0082-20060925

Log Viewer Logs

Figure 23: Viewing logs in real time

For information about log messages, see the FortiGate Log Message Reference.

Historical log viewer

The Historical log viewer enables you to view log information for a selected device

and log type for a specific time range. When viewing log messages, you can filter

the information to find specific event information.

To select a historical log to view

1 Go to Log > Log Viewer > Historical.

2 Select a device. All registered devices appear in the list.

3 Select the log type.

4 Set the Start time by selecting the following:

Type The log type you are viewing and the device where it is originating

from.

Change Select to change the log type to view or the device.

Stop Select to stop the FortiAnalyzer unit from refreshing the log view.

Column Settings Select to change the columns to view and the order they appear

on the page. For details see “Customizing the log column views”

on page 83.

Formatted | Raw Select a view of the log file. Selecting Formatted (the default)

displays the log files in columnar format. Selecting Raw, displays

the log information as it actually appears in the log file.

Resolve Host Name Select to display host names by a recognizable name rather than

IP addresses. For details on configuring IP address host names

see “IP Aliases” on page 53.

Resolve Service Select to display the network service names rather than the port

numbers. For example, HTTP rather than port 80. This option

does not appear when the logs do not have service information to

display. For example, the event log.

Column Settings

Unspecified Select to view log messages from the earliest date and time

available in the logs.

Specified Select to set a specific start date and time for the log messages.

Date Enter a start date. Use the format YYYY/MM/DD. Alternatively,

select the Calendar icon and select a start date.

Time Select a starting time for the log messages. Leave the time at

00:00 to view log messages starting at 12:00 midnight for the

selected date.