Friday, May 12, 2017

Note - FortiAnalyzer: generate top sent bytes report

This topic is for my own reference/note only

Dataset to generate a report of the top users by sent bytes:

select srcip, dstip, dstport, action, service,
       sum(coalesce(sentbyte, 0)) / 1048576.0 as sent_MBps,
       sum(coalesce(rcvdbyte, 0)) / 1048576.0 as receive_MBps,
       count(*) as sessions
from $log
where logid_to_int(logid) not in (4, 7, 14)
group by srcip, dstip, dstport, action, service
order by sent_MBps desc

Monday, May 1, 2017

Note - FortiAnalyzer Report

This topic is for my own reference/note only

Dataset to generate a report of sessions that hit policy ID xxxx:

select srcip, dstip, dstport, policyid, action, service,
       count(*) as sessions
from $log
where policyid = xxxx
group by srcip, dstip, dstport, policyid, action, service