Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bmaster
New Contributor

Created on ‎03-21-2024 01:21 AM Edited on ‎03-21-2024 01:25 AM

Source ip reputation in traffic logs?

When looking at the forward traffic logs (for incoming connections), I see that some sources are from "known malicious sites" when I hover over the source IP. But when I add the column "source reputation", it's always empty. 

I'd like to ad some reputation filtering, but it would be nice to be able to see the reputation for each log line first, without having to hover over each line. Is there a way to show the source reputation in the table?

 

 

Schermafbeelding 2024-03-21 092359.png

Labels:
235
0 Kudos
1 Solution
AEK
SuperUser
SuperUser

Created on ‎03-21-2024 05:34 AM

I'm not sure but I guess this log field may be added once you use firewall policy params reputation-minimum & reputation-direction.

Here is how you use them. I think it's worth trying.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IP-reputation-in-policies-and-fallthrough/...

AEK

View solution in original post

AEK
202
2 REPLIES 2
AEK
SuperUser
SuperUser

Created on ‎03-21-2024 05:34 AM

I'm not sure but I guess this log field may be added once you use firewall policy params reputation-minimum & reputation-direction.

Here is how you use them. I think it's worth trying.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IP-reputation-in-policies-and-fallthrough/...

AEK
AEK
203
bmaster
New Contributor
In response to AEK

Created on ‎03-21-2024 06:14 AM

Seems like this is indeed the case. Thanks for the thip.

177
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.