Sumo Logic + Fortigate + IPS Results

I built this panel for my Fortigate dashboard that lists out the top 10 IPS rules triggered. I find this helpful so that I can track down potential issues or new vulnerabilities that the firewall has caught but I did not know about.

The above gives you the top 10 IPS rules triggered and is now suitable for your dashboard (first picture). If you are in the search area of the Sumo Logic interface then check out the message tab as it lists the source and destination IP addresses as well as the basic service listed in human readable columns (second picture).

2015-08-08-sl-fgt-ips-results
Older example