Status dashboard

System > Status > Status appears when you log in to the web UI. It contains a dashboard with widgets that each indicate performance level or other system statuses.

Each day, check the dashboard for obvious problems.

By default, the Status dashboard contains the following widgets:

FortiWeb provides a separate dashboard that displays the status of policies and the server pools they are associated with. See Policy Status dashboard.

Viewing the dashboard (System > Status > Status)

In the default dashboard setup, widgets display the serial number and current system status of the FortiWeb appliance, including uptime, system resource usage, host name, firmware version, system time, and status of policy sessions. The dashboard also contains a CLI widget that enables you to use the command line interface (CLI) through the web UI.

To customize the dashboard, select which widgets to display, where they are located on the page, and whether they are minimized or maximized.

To move a widget, position your mouse cursor on the widget’s title bar, then click and drag the widget to its new location.

To display any of the widgets not currently shown on System > Status > Status, click Add Content. Any widgets currently already displayed on System > Status > Status are grayed out in the Add Content menu, as you can only have one of each display on the page.

Adding a widget

To display the default set of widgets on the dashboard, select Back to Default.

To see the available options for a widget, position your mouse cursor over the icons in the widget’s title bar. Options vary slightly from widget to widget, but always include options to close, minimize or maximize the widget.

A minimized widget

Button/field Description
Widget title The name of the widget.
Minimize/maximize arrow

Click to maximize or minimize the widget.

Refresh

Click to update the displayed information.

Close Click to close the widget on the dashboard. FortiWeb prompots you to confirm the action. To display the widget again, click Add Content near the top of the page.

To access the dashboard, your administrator's account access profile must have Read permission to items in the System Configuration category. To use features that alter the FortiWeb or perform actions, you may also need Write permissions in various categories. For details, see Permissions.

System Information widget

The System Information widget on the dashboard displays the serial number and the status of basic systems, such as the firmware version, system time, up time, and host name, and high availability (HA) status.

In addition to displaying system information, the System Information widget enables you to configure some basic attributes such as the host name, operation mode, and high availability (HA) mode, and to change the firmware.

FortiWeb administrators whose access profiles permit Write access to items in the System Configuration category, can change the system time, host name, firmware, and operation mode, and high availability (HA) mode.

System Information widget

Field Description
HA Status

Displays the status of high availability (HA) for this appliance, either Standalone or Active-Passive. The default value is Standalone.

Click Configure to configure the HA status for this appliance. See Configuring a high availability (HA) FortiWeb cluster.

Host Name

Displays the host name of the FortiWeb appliance.

Click Change to change the host name. See Changing the FortiWeb appliance’s host name.

Serial Number

Displays the serial number of the FortiWeb appliance. Use this number when registering the hardware or virtual appliance with Fortinet Technical Support.

On hardware appliance models of FortiWeb, the serial number (e.g. FV-3KC3R11111111) is specific to the FortiWeb appliance’s hardware and does not change with firmware upgrades.

On virtual appliance (FortiWeb-VM) models, the serial number indicates the maximum number of vCPUs that can be allocated according to the FortiWeb-VM software license, such as FVVM020000003619 (where “VM02” indicates a limit of 2 vCPUs). If it is FVVM00UNLICENSED, the FortiWeb-VM license has not been successfully validated, and FortiWeb is operating with a limited trial license.

Operation Mode

Displays the current operation mode of the FortiWeb appliance.

The default operation mode is Reverse Proxy. For details on the operation modes, see Setting the operation mode.

Click Change to switch the operation mode.

Caution: Back up the configuration before changing the operation mode. Changing modes deletes any policies not applicable to the new mode, static routes, V-zone IPs, and VLANs. For instructions on backing up the configuration, see Backups.

System Time

Displays the current date and time according to the FortiWeb appliance’s internal clock.

Click Change to change the time or configure the FortiWeb appliance to get the time from an NTP server. See Setting the system time & date.

Firmware Version

Displays the version of the firmware currently installed on the FortiWeb appliance.

Click Update to install a new version of firmware. See Updating the firmware.

System Uptime Displays the time in days, hours, and minutes since the FortiWeb appliance last started.
Administrative Domain

To delete existing appliance-wide policies and settings then enable ADOMs, click Enable. See also Administrative domains (ADOMs).

To disable ADOMs, first delete ADOM-specific settings and policies, then click Disable.

FIPS-CC Mode Displays whether Federal Information Processing Standards (FIPS) and Common Criteria (CC) compliant mode is enabled. You use a CLI command to enable this mode.
See also

FortiGuard Information widget

The FortiGuard Information widget on the dashboard displays Fortinet Technical Support registration, licensing and FortiGuard service update information.

FortiGuard Information widget

 

Field Description
VM License

Indicates whether or not this FortiWeb-VM appliance has a paid software license. The license affects the maximum number of allocatable vCPUs (see the FortiWeb-VM Install Guide).

Possible states are:

  • Valid — The appliance has a valid, non-trial license. Serial Number indicates the maximum number of vCPUs that can be allocated according to this license. See System Information widget.

    To increase the number of vCPUs that this appliance can utilize, invalidate the current license by allocating more vCPUs in your virtual machine environment (e.g. VMware), then upload a new license. For details, see the FortiWeb-VM Install Guide.

  • Invalid — License either was not valid, or is currently a trial license.

    To upload a purchased license, click Update.

This appears only in FortiWeb-VM.

Support Contract

Indicates which account registered this appliance with Fortinet Technical Support.

  • Unregistered — Not registered with Fortinet Technical Support.
  • <registration_email> — Registered with Fortinet Technical Support.

Click Launch Portal to log into the Fortinet Support account that registered this FortiGate unit.

FortiGuard  
  FortiWeb Security Service

Indicates the validity of the appliance’s contract for FortiGuard FortiWeb Security Service, which provides updates via the Internet from Fortinet’s FDN for:

  • attack signatures
  • predefined data types
  • predefined suspicious URLs
  • global white list objects

Possible states are:

  • Valid — The appliance currently has a valid, non-trial license, and can download updates itself from the FDN. You can trigger this manually and/or schedule the appliance to regularly poll and automatically install the newest available package updates. See Connecting to FortiGuard services.
  • Expired — The contract is no longer in effect.

To renew, either contact your reseller or go to the Fortinet Technical Support website.

Also indicates the current version number of the installed service package, the expiry date of the service contract (if any) for this appliance, and the previous time and method of update.

  FortiWeb Antivirus Service

Indicates the validity of the appliance’s contract for FortiGuard Antivirus Service, which provides updates via the Internet from Fortinet’s FDN for virus signatures. Possible states are:

  • Valid — The appliance currently has a valid, non-trial license, and can download updates itself from the FDN. You can trigger this manually and/or schedule the appliance to regularly poll and automatically install the newest available package updates. See Connecting to FortiGuard services.
  • Expired — The contract is no longer in effect.

To renew, either contact your reseller or go to the Fortinet Technical Support website.

Also indicates the current version number of the installed service package, the expiry date of the service contract (if any) for this appliance, and the previous time and method of update.

  FortiWeb IP Reputation Service

Indicates the validity of the appliance’s contract for FortiGuard IRIS Service, which provides updates via the Internet from Fortinet’s FDN for known botnets, malicious clients, and anonymizing proxies. Possible states are:

  • Valid — The appliance currently has a valid, non-trial license, and can download updates itself from the FDN. You can trigger this manually and/or schedule the appliance to regularly poll and automatically install the newest available package updates. See Connecting to FortiGuard services.
  • Expired — The contract is no longer in effect.

To renew, either contact your reseller or go to the Fortinet Technical Support website.

Also indicates the current version number of the installed service package, the expiry date of the service contract (if any) for this appliance, and the previous time and method of update.

  FortiWeb Credential Stuffing Defense Service

Indicates the validity of the appliance's contract for FortiGuard Credential Stuffing Defense database, which prevents against credential stuffing attacks. Possible states are:

  • Valid — The appliance currently has a valid, non-trial license, and can download updates itself from the FDN. You can trigger this manually and/or schedule the appliance to regularly poll and automatically install the newest available package updates. See Connecting to FortiGuard services.
  • Expired — The contract is no longer in effect.

Also indicates the current version number of the installed service package, the expiry date of the service contract (if any) for this appliance, and the previous time and method of update.

FortiSandbox Click Configure to go to System > Config > FortiSandbox, which allows you to configure a FortiSandbox that FortiWeb submits files to for evaluation.

For information on updates, see Connecting to FortiGuard services.

See also

CLI Console widget

The CLI Console widget on the dashboard enables you to enter CLI commands through the web UI, without making a separate Telnet, SSH, or local console connection to access the CLI.

The CLI Console widget requires that your web browser support JavaScript.

To use the console, first click within the console area. Doing so automatically logs you in using the same administrator account you used to access the web UI. You can then type commands into the CLI Console widget. Alternatively, you can copy and paste commands from or into the console.

The prompt, by default the model number such as FortiWeb-3000C #, contains the host name of the FortiWeb appliance. To change the host name, see Changing the FortiWeb appliance’s host name.

For information on available commands, see the FortiWeb CLI Reference.

CLI Console widget

Click Detach to open the widget in a separate browser window. In this separate window, you can click Customize to open the Console Preferences pop-up window. Use this dialog to change the buffer length and input method, as well as the appearance of the console.

CLI Console Preferences window

Setting/button/field Description
Preview (pane) Shows a preview of your changes to the CLI Console widget’s appearance.
Text Click the current color swatch to the left of this label, then click a color from the color palette to the right to change the color of the text in the CLI Console.
Background Click the current color swatch to the left of this label, then click a color from the color palette to the right to change the color of the background in the CLI Console.
Use external command input box Select to display a command input field below the normal console emulation area. When this option is enabled, you can enter commands by typing them into either the console emulation area or the external command input field.
Console buffer length Type the number of lines the console buffer keeps in memory. The valid range is from 20 to 9999.
Font Select a font from the list to change the display font of the CLI Console.
Size Select the size in points of the font. The default size is 10 points.
Reset Defaults Click to reset the CLI console preferences to the factory default settings.
See also

System Resources widget

The System Resources widget on the dashboard displays information such as CPU and memory usage.

The widget displays CPU and memory usage as an animated bar and as a percentage of the usage for core processes only. CPU and memory usage for management processes (for example, for HTTPS connections to the web UI) is excluded.

Normal idle load varies by hardware platform, firmware, and configured features. To determine your specific baseline for idle, configure your system completely, reboot, then view the system load. After at least 1 week of uptime with typical traffic volume, view the system load again to determine the normal non-idle baseline.

System Resources widget

To determine your available disk space, you can alternatively connect to the CLI and enter the command:

diagnose system mount list

Button Description
Reboot Click to halt and restart the operating system of the FortiWeb appliance.
ShutDown Click to halt the operating system of the FortiWeb appliance, preparing its hardware to be powered off.
Reset

Click to revert the configuration of the FortiWeb appliance to the default values for its currently installed firmware version.

Caution: Back up the configuration before selecting Reset. This operation cannot be undone. Configuration changes made since the last backup will be lost. For instructions on backing up the configuration, see Restoring a previous configuration.

Attack Log widget

The Attack Log widget displays the latest attack logs. Attack logs are recorded when there is an attack or intrusion attempt against the web servers protected by the FortiWeb appliance.

Attack logs help you track policy violations. Each message shows the date and time that the attack attempt occurred. For more information, see Viewing log messages.

Attack log messages can also be delivered by email, Syslog, FortiAnalyzer, or SNMP. For more information, see Logging, Configuring logging, and SNMP traps & queries.
Attack Log widget

Real Time Monitor widget

The Real Time Monitor widget on the dashboard displays three graphs.

Real Time Monitor widget

For each graph, you can select the following options:

By positioning your cursor over a point in the graph, you can display information for that point in time, such as (for HTTP Traffic Monitor) the traffic volume at that point in time.

See also

Event Log Console widget

The Event Log Console widget on the dashboard displays log-based messages.

Event logs help you track system events on your FortiWeb appliance such as firmware changes, and network events such as changes to policies. Each message shows the date and time that the event occurred. For more information, see Viewing log messages.

Event log messages can also be delivered by email, Syslog, FortiAnalyzer, or SNMP. For more information, see Logging, Configuring log destinations, and SNMP traps & queries.
Event Log Console widget

Policy Sessions widget

The Policy Sessions widget on the dashboard displays the number of HTTP/HTTPS sessions that are currently governed by each policy.

Policy Sessions widget

Operation widget

The Operation widget on the dashboard displays the:

link status of each physical network interface (or, for FortiWeb-VM, virtual adapter).

The detected physical link status indicator does not indicate whether you have administratively enabled or disabled the network interface. To bring up or bring down a network interface, see Network interface or bridge?.

Hover over a link icon to display the following additional information:

Operation widget

See also