- Published at
Enable Fortinet Firewall + Fortianalyzer to Resolve Hostnames in Fortiview
Enable Fortinet Firewall + Fortianalyzer to resolve hostnames in Fortiview
Table of Contents
Introduction
I’ve been jumping knee-deep in Fortinet firewalls and their logging + reporting systems.
One thing that was driving me crazy is the fact the “Source” section was only the IP address. On the Fortigate firewall under “Fortiview” it did list the “Source IP Hostname” but it meant digging pretty deep into the logs. On the Fortianalyzer product it didn’t list the “Source IP Hostname” at all.
After digging around I found the commands to enable this on both the Fortigate and Fortianalyzer.
Configuration Steps
FortiGate
FortiAnalyzer can resolve the IPs for FortiView & Reports, just not Log View.
- FortiView
On FortiAnalyzer, for FortiView widgets, using DNS resolution to resolve IPs to hostname is configurable via the CLI:
Hope this post helps someone in the future with the same issue!