A FortiGate administrator wants to use FortiAnalyzer to generate a report on top talkers in the network. Which FortiView feature should be used?
FortiView provides traffic analytics including top talkers.
Why this answer
FortiView is the correct feature because it provides real-time and historical traffic visibility, including top talkers, directly from the FortiGate's session table and logs. FortiView's 'Top Talkers' widget aggregates traffic by source IP, destination IP, or application, allowing the administrator to generate reports on the highest bandwidth consumers without needing to run complex queries in Log Analytics.
Exam trap
The trap here is that candidates confuse FortiView with Log Analytics, assuming that any log-based reporting must go through Log Analytics, but FortiView provides the pre-built, aggregated top talkers view without requiring SQL-like queries.
How to eliminate wrong answers
Option A is wrong because Log Analytics is a FortiAnalyzer feature for running SQL-like queries against indexed logs, not a dedicated FortiView feature for visualizing top talkers; it requires manual query construction and lacks the pre-built, real-time top talker widgets. Option C is wrong because Playbooks are automation workflows in FortiSOAR or FortiAnalyzer for incident response, not a reporting or traffic visibility feature. Option D is wrong because Incidents are security event aggregations in FortiAnalyzer's Incident Management module, used for threat investigation and response, not for generating top talker reports.