Creating datasets
You need to create a new dataset for gathering information about HA, admin activity and configuration changes.
| Creating datasets requires SQL knowledge. |
To create the datasets
1. Log in to the CLI.
2. Enter the following command syntax:
config report dataset
edit ha
set query “select subtype_ha count(*) as totalnum from event_log where timestamp >= F_TIMESTAMP (‘now’, ‘hour’, ‘-23’) and group by subtype_ha order by totalnum desc”
next
3. Create a dataset for the admin activity, that includes log ins and log outs from the three FortiGate administrators.
set query “select subtype_admin count(*) as totalnum from event_log where timestamp >= F_TIMESTAMP (‘now’, ‘hour’, ‘-23’) and group by subtype_admin order by totalnum desc”
next
4. Create a dataset for the configuration changes that the administrators did for the past 24 hours.
set query “select subtype_config count(*) as totalnum from event_log where timestamp >= F_TIMESTAMP (‘now’, ‘hour’, ‘-23’) and group by subtype_config order by totalnum desc”
next
end