Rob_C
New Contributor

*All* browsing history

Hello, We've recently ditched our previous content filtering solution for a combination Fortigate/Fortianalyzer solution. I am trying to find a way to report *all* internet surfing history for a given user in the Fortianalyzer and have thus far been unable to find a way to do this. Any web history I am pulling shows only violations of the web filter policies, even though I have all session data being logged on the Fortigate. If anyone can assist it would be appreciated. Thanks! Rob C
RH2
New Contributor II

Look at this thread: https://forum.fortinet.com/FindPost/93868 the post by Adrian James, it's the 12th post down on page 2. It worked for me, though the analyzer has been a severe disappointment.

Rob_C
New Contributor

Excellent, that query definitely works. How were you able to filter out by reqtype? I can see that is a filter option in the data set but it doesn't seem to work.
billp
Contributor

I've started using Elasticsearch + Logstash + Kibana for my user reports. It's more of a hack for sysadmins, but it searches tons of logs very fast. No reports per se, but you can create a specialized dashboard to show HR. It requires a dedicated server.

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

RH2
New Contributor II

I haven't been able to yet. Waiting for someone that knows SQL to help out.
andreasc
New Contributor

Billp,

I recently started to admin a global Fortigate network with a similar setup as you, several Fortigates in a global MPLS-network and the Fortianalyzer is forwarding all the logs to Elasticsearch/Kibana. I am new to Elastic and Kibana and I got a request to present information about how one of the users is browsing the internet. How would you recommend to assemble the data in Kibana? I'm thankful for any info and help!

BR, Andreas

billp

Andreas,

My post is about 5+ years old, so it's been a while.

I would sort/search by broad categories or keywords based on management request to get an idea of surfing habits and then provide a written/forensic analysis to help make sense of the logs.

Good luck!

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

live89

Hi Andreas

Have you succeeded in forwarding and successfully analyzing the logs in Kibana?

Thanks