FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link FortiOS 4.3 Online Help Link

Home > Online Help

> Chapter 10 - FortiView > Overview > Enabling FortiView

Enabling FortiView

By default, FortiView is enabled on FortiGates running FortiOS firmware version 5.2 and above. You will find the FortiView consoles under System > FortiView. However, certain options will not appear unless the FortiGate has Disk Logging enabled.

Only certain FortiGate models support Disk Logging. A complete list of FortiGate platforms that support Disk Logging is provided in the matrix below.

To enable Disk Logging
  1. Go to Log & Report > Log Config > Log Settings and select the checkbox next to Disk.
  2. Apply the change.
To enable Disk Logging - CLI

config log disk setting

set status enable

end

FortiView Feature Support - Platform Matrix

Note that the following table identifies three separate aspects of FortiView in FortiOS 5.2.3:

Platform Basic Feature Support Disk Logging Historical Data *
FG/FWF-20C Series a    
FG/FWF-30D/40C Series a    
FG/FWF-60C Series a    
FG/FWF-60D Series a    
FGR-60D a    
FG-60D a    
FG/FWF-80C Series a    
FG-80D a a 1 hour
FG/FWF-90D Series a a 1 hour
FG/FWF-92D Series a    
FG-110C a    
FG-111C a CLI 1 hour
FG-100D Series a a 24 hours
FG-200B Series a # # (24 hours)
FG-200D Series a a 24 hours
FG-310B a   # (24 hours)
FG-311B a   # (24 hours)
FG-300C a a 24 hours
FG-300D a a 24 hours
FG-500D a a 24 hours
FG-620B a # # (24 hours)
FG-621B a # # (24 hours)
FG-600C a a 24 hours
FG-800C a a 24 hours
FG-1000C a a 24 hours
FG-1500D a a 24 hours
FG-1240B a a 24 hours
FG-3016B a # # (24 hours)
FG-3040B a CLI 24 hours
FG-3140B a CLI 24 hours
FG-3240C a CLI 24 hours
FG-3600C a CLI 24 hours
FG-3700D a CLI 24 hours
FG-3810A a # # (24 hours)
FG-3950B a #, CLI # (24 hours)
FG-3951B a #, CLI # (24 hours)
FG-5001A a #, CLI # (24 hours)
FG-5001B a CLI 24 hours
FG-5001C a CLI 24 hours
FG-5001D a CLI 24 hours
FG-5101C a CLI 24 hours
FS-5203B a CLI  

a = Default support.
#  = Local storage required.

* Refer to section on Historical Data below.

Basic feature support

FortiView's consoles give insight into your user's traffic, not merely showing which users are creating the most traffic, but what sort of traffic it is, when the traffic occurs, and what kind of threat the traffic may pose to the network.

FortiView basic feature support consists of the following consoles:

The complete array of features in FortiView requires disk logging enabled (see below). It includes those consoles listed above as well as the following:

Historical Data

Not all FortiView consoles have the same available historical data options, depending on whether or not your traffic is locally stored.

Below is a table showing which features are available for units using local storage, including the historical data options.

Only FortiGate models 100D and above support the 24 hour historical data.
Features With Local Storage Without Local Storage
  Now 5 min 1 hr 24 hr * Now 5 min 1 hr 24 hr
Sources a a a a a      
Applications a a a a a      
Cloud Applications a a a a a      
Destinations a a a a a      
Websites a a a a        
Threats   a a a        
All Sessions a a a a a      
System Events   a a a        
Admin Logins   a a a        
VPN   a a a        

* Not available for desktop models with SSD.

Disk Logging

Only certain FortiGate models support Disk Logging (see above).

To enable Disk Logging, go to Log & Report > Log Config > Log Settings, and select the checkbox next to Disk and apply the change.

Configuration Dependencies

Most FortiView consoles require the user to enable several features to produce data. The following table summarizes the dependencies:

Feature Dependencies (Realtime) Dependencies (Historical)
Sources None, always supported Disk logging enabled

Traffic logging enabled in policy
Applications None, always supported Disk logging enabled

Traffic logging enabled in policy

Application control enabled in policy
Cloud Applications Not supported Disk logging enabled

Application control enabled in policy

SSL "deep inspection" enabled in policy

Deep application inspection enabled in application sensor

Extended UTM log enabled in application sensor
Destinations None, always supported Disk logging enabled

Traffic logging enabled in policy
Web Sites Disk logging enabled

Web Filter enabled in policy

"web-url-log" option enabled in Web Filter profile
Disk logging enabled

Web Filter enabled in policy

"web-url-log" option enabled in Web Filter profile
Threats Not supported Disk logging enabled

Traffic logging enabled in policy

Threat weight detection enabled
All Sessions None, always supported Disk logging enabled

Traffic logging enabled in policy
System Events Not supported  
Admin Logins Not supported  
VPN Not supported  
FortiSandbox Not supported