Help
FortiSIEM Discussions
Ali_Maher
New Contributor II

Created on ‎05-14-2024 06:35 AM

Incident Status

Hello,

 

Ask about the Incident Status:- Active, Manaually Cleared, Automatically cleared, and System cleared.

 

the System cleared and the Auto cleared is performed by the system itself no interaction from the user side.

 

How can i use them efficiently?

BR, Ali Maher
BR, Ali Maher
Labels:
127
0 Kudos
2 REPLIES 2
Secusaurus
Contributor

Created on ‎05-14-2024 06:49 AM

Hello Ali,

 

I am sorry, but I don't understand your question here.

You can only clear manually, so the auto-clear (ML or clear-condition cleared it) and system-clear (one day after incident happened) is just something to get you better understanding about the reason for clearing. So what do you have in mind for using them "efficiently"?

 

Best,

Christian

FCP & FCSS Security Operations | Fortinet Advanced Partner
FCP & FCSS Security Operations | Fortinet Advanced Partner
120
0 Kudos
knguyen1
New Contributor

Created on ‎05-17-2024 12:22 PM

Ali might be saying that incidents are automatically clearing even without a rule definition defined. If so, we're seeing something similar.  

72
0 Kudos
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.