Rob C
New Member
2013/12/03 08:37:40 (permalink)

*All* browsing history

Hello,

We've recently ditched our previous content filtering solution for a combination Fortigate/Fortianalyzer solution. I am trying to find a way to report *all* internet surfing history for a given user in the Fortianalyzer and have thus far been unable to find a way to do this.

Any web history I am pulling shows only violations of the web filter policies, even though I have all session data being logged on the Fortigate.

If anyone can assist it would be appreciated. Thanks!

Rob C
#1
RH
Silver Member
RE: *All* browsing history 2013/12/04 16:36:33 (permalink)
Look at this thread:
https://forum.fortinet.com/FindPost/93868

The post by Adrian James; it's the 12th post down on page 2.

It worked for me, though the analyzer has been a severe disappointment.
< Message edited by rh -- 12/5/2013 3:50:44 PM >
#2
billp
Expert Member
RE: *All* browsing history 2013/12/04 17:03:28 (permalink)
I've started using Elasticsearch + Logstash + Kibana for my user reports.

It's more of a hack for sysadmins, but it searches tons of logs very fast. No reports per se, but you can create a specialized dashboard to show HR.

It requires a dedicated server.

Bill

==========
Fortigate 600C 5.0.12, 111C 5.0.2
Logstash 1.4.1
#3
Rob C
New Member
RE: *All* browsing history 2013/12/05 12:06:26 (permalink)
Excellent, that query definitely works.

How were you able to filter out by reqtype? I can see that is a filter option in the data set but it doesn't seem to work.
#4
RH
Silver Member
RE: *All* browsing history 2013/12/05 15:49:41 (permalink)
I haven't been able to yet. Waiting for someone that knows SQL to help out.
#5
andreasc
New Member
Re: RE: *All* browsing history 2019/05/20 05:13:21 (permalink)
Billp,

I recently started to admin a global Fortigate network with a similar setup as you, several Fortigates in a global MPLS-network and the Fortianalyzer is forwarding all the logs to Elasticsearch/Kibana.

I am new to Elastic and Kibana and I got a request to present information about how one of the users is browsing the internet.

How would you recommend to assemble the data in Kibana?

I'm thankful for any info and help!

BR,
Andreas
#6
billp
Expert Member
Re: RE: *All* browsing history 2019/05/20 10:52:09 (permalink)
Andreas,

My post is about 5+ years old, so it's been a while.

I would sort/search by broad categories or keywords based on management request to get an idea of surfing habits and then provide a written/forensic analysis to help make sense of the logs.

Good luck!

Bill

==========
Fortigate 600C 5.0.12, 111C 5.0.2
Logstash 1.4.1
#7