< Home

Limitations and Precautions for Reports

Hardware Requirements

Supported by all models.

License Requirements

  • The intrusion prevention part in the threat report is available only after the intrusion prevention license is obtained. Similarly, the antivirus part is available only after the antivirus license is obtained.
  • Other log functions are not license-controlled.

Restrictions

  • For certain devices, reports can be viewed, exported, customized, and subscribed only when storage media are present. For details about report functions supported by each device, see Report Support and Storage Medium Dependency.
  • Browsers on a PC must meet the following requirements to support report viewing:
    • Internet Explorer browser: 8.0 and later version
    • Firefox browser (recommended): 10.0 and later versions
    • Chrome browser: 17.0 and later versions
  • If the report subscription function is used, you cannot use a mail server that requires forcible SSL connections to send mails, such as Gmail. Commonly used email servers, such as Sina, 163, and Winmail, are recommended.
  • When the device encoding mode is UTF-8, the reports imported to the PDF file cannot contain Chinese, Japanese, or Korean. Otherwise, the information in Chinese, Japanese, or Korean in the reports is displayed in garbled characters.

Precautions

  • Because the FW supports various types of reports, the system takes a certain period of time to incorporate log data into the corresponding reports. Therefore, the data queried from logs and reports within the same period of time may have tiny differences. This is a normal situation.
  • The system obtains log data at the specified interval to generate reports. The intervals for nearest data in reports queried in different time segments may be different. Therefore, it is normal that data in the same time segment in reports queried with different start time has tiny differences.
  • For each type of reports, you can view a maximum of 10,000 pieces of top ranking data on the web UI and export a maximum of 10,000 pieces of top ranking data at a time on a device that supports report export.
  • In a scenario where the application identification mode is intelligent identification, the FW performs application identification on traffic that matches a policy only when the policy has application identification or content security detection configured. If the application identification mode is full identification, the FW performs application identification on all traffic. If the service traffic has no application information, configure the application in the policy or set Application Identification Mode to Full Identification. You can use the sa force-detection enable command to configure the application identification mode.
  • The value displayed at a certain time point on the web page of each type of report indicates the accumulated traffic volume in a period rather than the traffic volume at the single time point. The period can be obtained by moving the cursor to the next coordinate. The time difference between the two coordinates indicates the period.
  • To present to you the reports you may see on the UI, this document contains a large number of UI snapshots and videos. However, the actual UI may be partially different from the snapshots in the document.
  • When there are a large number of concurrent sessions on the FW, the traffic value in the traffic report may be smaller than the actual traffic value. This is because the memory space used for traffic statistics limits the maximum number of sessions. When the number of sessions on the FW exceeds this limit, the excess sessions will not be counted.
  • FW reports are generated based on the aggregated log data of the FW. When the FW has multiple virtual systems, the aggregated data is evenly distributed to these virtual systems. If the number of virtual systems is greater than the maximum number supported by the reports, the data of the excess virtual systems cannot be collected to the reports.
  • The traffic report function must be enabled before you view traffic reports. The traffic report function can be enabled only in CLI mode. For versions earlier than V600R007C20SPC300, run the log type traffic enable command to enable the traffic report function; For V600R007C20SPC300 and later versions, run the log type traffic-report enable command to enable the traffic report function.
  • The functions of Add Filter, exporting PDF files, and exporting CSV files can be used only when the storage medium is available.
Parent Topic: Reports
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >