Running System Reports
FortiSIEM includes a number of baseline reports for common data center analytics, as well as over 300 reports relating to IT infrastructure. You can also create your own reports.
Complete these steps to run a system-generated or user-defined baseline report:
- Go to RESOURCES tab and select the desired report group from the Reports folder.
- Select the report(s) from the table.
- Click Run to run the report(s) immediately, or select More and click Schedule to schedule the report.
- If you have a multi-tenant deployment, select the Organization for which you want to run the report.
- Select one of the Report Time Range options:
- Relative: Select the last number of hours from which report has to be generated.
- Absolute: Select the range of start and end date and time.
- Click OK.
The report will run and the results will be displayed.
Starting in 6.1.1, adhoc reports run from GUI and scheduled reports may time out after running for a long time. In a cluster environment with Worker nodes, the user may see partial results (indicated in the PDF), if some workers are able to finish their queries within the timeout. The default timeouts are specified (in seconds) in the phoenix_config.txt file on the Supervisor node.
[BEGIN phQueryMaster]
...
interactive_query_timeout=1800 # 30 mins
...
scheduled_query_timeout=3600 # 60mins
...
[END]
To change the default timeout values, SSH to the Supervisor node, change the values, save the file, and restart the Query Master process.
Copyright © 2024 Fortinet, Inc. All Rights Reserved. | Terms of Service | Privacy Policy
