REPORT CONFIGURATION

In this module, the firewall's static reports and history curves can be enabled. These are based on all traffic processed by the firewall, i.e., all connections passing through all interfaces, internal and external.

General

Static reports

Enables the static reports shown in the Monitoring module > Reports.

 

Static reports are compiled based on logs saved on the firewall. In most reports, a list of the top 10 most frequently recurring values is compiled (the rest of the values are filed under “Other”). SD-WAN reports are based on metrics and operational statuses obtained when monitoring routers and their gateways.

Data is refreshed every minute and includes a calculation of a new Top 50 over the last few hours and days in order to better represent the recurring values and avoid overloading the database. Data stored on SD cards can be read by other platforms equipped with an SQLite engine.
History curves

Enables history curves shown in the Monitoring module > Monitoring.

 

History curves are compiled based on logs saved on the firewall. They offer four time scales: last hour, day, week or month. These time ranges are calculated in relation to the firewall’s date and time settings.

List of reports tab

Possible operations

Search Filters the list of reports by what is entered in the search field.
Categories Filters the list of reports by the selected category.
Set status Enables or disables the report selected beforehand in the grid.
Reset the database Resets the database.
Enabled reports Shows the number of reports enabled.
Database size Indicates the disk space used by the SQLite database.

The table

Status

Enables or disables the report in question. Some reports require the subscription of a specific option in order to be enabled.

IMPORTANT
Even though the generation of reports does not have priority over other processes, the number of reports enabled or the type of traffic may have a real impact on the performance of the firewall.
Category

Indicates the data category to which the report belongs.
The following categories are available:

  • Web,
  • Security,
  • Virus,
  • Spam,
  • Vulnerability,
  • Network,
  • Industrial network,
  • Sandboxing,
  • SD-WAN,
  • Web services,
  • Custom.
Description

Shows a description of the report and the data it contains.
Warning Displays a warning message if an option or a feature required to build a report has not been enabled.
Private data Specifies with a symbol that the report contains personal data (source IP address, host name, user name, etc.). Such data can only be viewed if the user holds the Full access to logs (private data) privilege.

NOTE
Such data may be sent via Syslog to the Virtual Log Appliance for Stormshield solution in order to build reports or archive them.

List of history graphs tab

Status Enables or disables the history graph in question.
Description Shows a description of history graph and the data it contains.
Warning Shows a warning message if, for example, an option needed for building a graph has not been enabled.