When you frequently use the same search parameters in FortiAnalyzer's Log View, setting up a reusable filter or view can save considerable time. Here's an analysis of each option:
Option A - Configure a Custom Dashboard:
Custom dashboards are useful for displaying a variety of widgets and summaries on network activity, performance, and threat data, but they are not designed for storing specific search filters for log views.
Conclusion: Incorrect.
Option B - Configure a Custom View:
Custom views in FortiAnalyzer allow analysts to save specific search filters and configurations. By setting up a custom view, you can retain your frequently used search parameters and quickly access them without needing to reapply filters each time. This option is specifically designed to streamline the process of recurring log searches.
Conclusion: Correct.
Option C - Configure a Data Selector:
Data selectors are used to define specific types of data for FortiAnalyzer reports and widgets. They are useful in reports but are not meant for saving and reusing log search parameters in Log View.
Conclusion: Incorrect.
Option D - Configure a Macro and Apply It to Device Groups:
Macros in FortiAnalyzer are generally used for automation tasks, not for saving log search filters. Applying macros to device groups does not fulfill the requirement of saving specific log view search parameters.
Conclusion: Incorrect.
Conclusion:
Correct Answe r : B. Configure a custom view.
Custom views allow you to save specific search filters, enabling quick access to frequently used parameters in Log View.
Reference:
FortiAnalyzer 7.4.1 documentation on creating and using custom views for log searches.