FortiAnalyzer SQL Reporting – Firewall Training

FortiAnalyzer, the logging product of Fortinet, the flagship of network security, allows you to create your own reports with SQL queries. In this way, you can both customize the log records kept and improve the device as you add new report pages on the analyzer.

There are dozens of functional report definitions that come ready on Fortianalyzer. You may want to use these reports not in a general way but in a slightly specialized way.

Fortianalyzer SQL with Search Engine Keyword Loging

In other words, if we want to explain with an example; search engine keywords (logging of the words searched in the search engine such as Google logging) in the given date range for general use can be retrieved using the template prepared by Fortinet.

However, if you only want to see the search words of one or more individuals or groups, you will need to design a new report. At this stage, you will need some SQL database knowledge in addition to your Fortinet knowledge.

https://www.omersahin.com.tr/fortigate-firewall-ilk-kurulum-ayarlari/.

Let’s create a template based on this example. It was run and tested on fortianalyzer 200D running version 5.2.1 (fortianalyzer version 5).

First of all, log in to Fortianalyzer SQL, which is running in“analyzer mode“. Then click on the Report tab.

Let’s go to the last page here and there enter Dataset from the Advanced menu. Double click on“web filter-top search preases” in the list that opens.