FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
Andy_G
Staff
Article Id 195787

Description

Summary of Topic

This article walks through how to configure Synthetic Transaction Monitoring (STM).

 

Steps

There are two distinct operations that must happen when configuring synthetic transaction monitoring.

  • Create the definitions for the monitors.
  • Associate a hostname or IP address with the definitions.

At the heart of these operations is ensuring that the correct protocols for each device are used.  The setup can also be tested for correctness.



 

Create/Edit monitoring definitions

A user needs to define templates that describe the applications or services that they wish to monitor from an end-user perspective.

(Head to Setup Wizard --> Synthetic Transaction Monitoring)

Add / Edit a definition
  1. Click the 'Add' button.
    1. To edit an existing definition instead, select it and click the 'Edit' button.

  2. Enter a name for the monitor definition in the 'Name' text box. This is a required field.
  3. Enter a description for the monitor definition in the 'Description' text box.
  4. In the 'Frequency' text box enter the amount of time in minutes between monitoring checks. This is a required field.
  5. Choose the protocol used from the 'Protocol' drop down menu accessed from the down arrow.
  6. Set the upper limit in seconds for trying to monitor a device in the 'Timeout' text box. This is a required field.

Delete a definition
  1. Select a definition.
  2. Click the 'Delete' button.
  3. Click the 'Yes' button in the confirmation box.

Clone a definition
  1. Select a definition.
  2. Click the 'Clone' button.
    1. A copy of the selected definition is created with '_copy' appended to the end of its name.
    2. Select the new definition and edit the new definition's properties.

 

Associate host or IP address with monitored definitions.

Once a definition has been created, the host or IP address that it will monitor must be added. This can be a hostname, single IP address, a range of IP addresses, or set as any address that has been found to run the application being monitored. 

Create and Test STM
  1. Click the 'Create and Test' button.
  2. Enter a hostname, IP address or IP range into the 'Host Name' text box.
  3. Enter the definition to be monitored by using the drop down arrow next to the 'Monitoring Definition' text box. This is a required field.
  4. Add the ports used for the monitoring event.
  5. Click the green '+' icon to add a new port.
    1. Enter the port to be used. This is a required field.
    2. Determine if SSL is used by clicking the 'Use SSL' check box.

After the user clicks the 'OK' button, the system automatically tests connectivity to the device or host using the credentials. If the service monitoring test is successful, the entry is added to the table.
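When the automatic test fails, it helps to know whether the port is closed, the host is unreachable, or 'Use SSL' is set on a port that does not speak TLS. The script below is an added example for pre-checking a host and its ports with the same timeout and 'Use SSL' choices; it is not FortiSIEM code and does not reproduce the product's own test, and the names `probe` and `check_entry` are illustrative.

```python
import socket
import ssl


def probe(host, port, use_ssl=False, timeout=5.0):
    """Classify one connectivity attempt as (status, detail).

    status: 'ok', 'timeout', 'refused', 'tls_error' or 'error'.
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("timeout", f"no TCP connection within {timeout}s")
    except ConnectionRefusedError:
        return ("refused", "connection refused (closed port or reset)")
    except OSError as exc:  # name resolution failure, no route, ...
        return ("error", str(exc))
    with sock:
        if not use_ssl:
            return ("ok", "TCP connect succeeded")
        # Default context: certificate chain and hostname are verified.
        ctx = ssl.create_default_context()
        try:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return ("ok", f"TLS handshake succeeded ({tls.version()})")
        except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
            return ("tls_error", f"{type(exc).__name__}: {exc}")


def check_entry(host, ports, timeout=5.0):
    """ports: (port, use_ssl) pairs, mirroring the port rows of one entry."""
    return {port: probe(host, port, use_ssl, timeout) for port, use_ssl in ports}


if __name__ == "__main__":
    # Constructed local target so the demo runs offline: a plaintext listener.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    port = listener.getsockname()[1]
    print(check_entry("127.0.0.1", [(port, False)], timeout=2.0))
    # Same port with 'Use SSL' ticked: the handshake cannot complete.
    print(check_entry("127.0.0.1", [(port, True)], timeout=2.0))
    listener.close()
```

A `tls_error` on a port that returns `ok` without SSL usually means the 'Use SSL' check box does not match the service, or the certificate does not validate for the name entered.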

Deleting STM definition
  1. Select the entry to delete.
  2. Click on the 'Delete' button.
  3. Click the 'Yes' button in the confirmation box.

End user monitoring status

A list of the rules that are being used to monitor devices can be found by clicking the 'Synthetic Transaction Monitoring Status' link to the right of the 'Step 2' section.

 
