This section describes the following log filter consoles available in FortiView:
- Sources displays detailed information on the sources of traffic passing through the FortiGate, and the section covers how you can investigate an unusual spike in traffic to determine which user is responsible.
- Destinations displays detailed information on user destination-accessing through the use of drill down functionality.
- Applications displays Applications used on the network that have been recognized by Application Control, and this section shows how you can view what sort of applications individual employees are using.
- Cloud Applications displays Web/Cloud Applications used on the network, and this section shows how you can drill down to access detailed data on cloud application usage, e.g. YouTube.
- Web Sites displays websites visited as part of network traffic that have been recognized by Web Filtering, and this section shows how you can investigate instances of proxy avoidance, which is the act of circumventing blocks using proxies.
- Threats monitors threats to the network, both in terms of their Threat Score and Threat Level.
- WiFi Clients displays a list of all the devices connected to the WLAN.
- Traffic Shaping displays a list of existing Traffic Shapers, detailing their bandwidth use and which traffic is being shaped by each shaper.
- System Events displays security events detected by FortiOS, providing a name and description for the events, an assessment of the event's severity level, and the number of instances the events were detected.
- VPN displays how users can access information on any VPNs associated with their FortiGate.
- Endpoint Vulnerability displays a list of Vulnerability events detected by the FortiGate on networked devices, along with links to further vulnerability information and databases.
- Threat Map provides a geographical display of threats, in realtime, from international sources as they arrive at your FortiGate.
- Policies displays what policies are in affect on your network, what their source and destination interfaces are, how many sessions are in each policy, and what sort of traffic is occurring.
- Interfaces displays the number of interfaces connected to your network, how many sessions there are in each interface, and what sort of traffic is occurring.
- FortiSandbox displays FortiSandbox activity. FortiSandbox detects and analyzes advanced attacks designed to bypass traditional security defenses, and has a wide array of features that allow it to prevent future attacks from occurring again.
- All Sessions displays complete information on all FortiGate sessions, with the ability to filter sessions by port number and application type.