Monitoring Intrusion Prevention Events on FortiManager/FortiAnalyzer

 IPS signatures applied to FortiGates generate logging data that can be sent to a FortiAnalyzer (or combined FortiManager/FortiAnalyzer) appliance.

To view the top IPS signature (and all other threat) hits, navigate to FortiView -> Threats -> Top Threats.  Any Category designation of IPS on this page was a threat match against an IPS signature.

FortiView Top Threats

To view the raw IPS logs, navigate to Log View -> Security -> Intrusion Prevention.  This page shows all logs generated by the IPS engine on the logging FortiGates.

Intrusion Prevention Security Log View



Popular posts from this blog

Fix Cisco ISE Messaging Service

ClearPass MPSK per Device Type with Profiling

Cisco Designated VIP 2023