Forensic Analysis Users and groups
FortiAnalyzer Version 3.0 MR3 Administration Guide
05-30003-0082-20060925
Figure 36: Lookup user information
Lookup: Select the information to look for in the log data.

Username / IP Address: Depending on the Lookup selection, enter either the username or IP address to find the associated information.

Time frame: Select the time range in the logs that the FortiAnalyzer unit searches.

All xx logged on yy within the last zz: A visual indication of what you have selected and how the selections relate to each other. Below this statement, a list of available data appears. Select the check box beside each entry to add the data to the user information.

User: Select to add any of the results to an existing user in the forensic analysis user table.

Create User / Add to user: The button shown depends on whether you select a user from the list. Select Add to User when you select a user from the User list. The FortiAnalyzer unit adds the information selected from the results to the selected user information. Select Create User to use the information entered above and selected from the results to create a new forensic analysis user entry.

Where does FortiAnalyzer get this information?
The FortiAnalyzer unit obtains user information from the FortiGate logs. The following table outlines which logs the FortiAnalyzer unit refers to when retrieving user information.

User Name: Web filter log
IP Address: Web filter log
Email address: Email filter log. If not found, the FortiAnalyzer unit uses the content logs.
IM name: IM log. If not found, the FortiAnalyzer unit uses the content logs.