adem_netsys
Explorer III
October 17, 2024
Question

All active rules in the installation


As you know, when we first install FortiSIEM, there are many rules that are active by default, which triggers rules and creates incidents as log sources are added. Our goal is to eliminate false positives here. So, is there any chance to disable the active rules without adding log sources during the initial setup phase?

    1 reply

    adem_netsys
    Explorer III
    October 19, 2024

    Hi,

    Has anyone experienced it before?

    premchanderr
    Staff & Editor
    October 21, 2024

    Hi @adem_netsys,

    You can activate and deactivate rule groups. 


    Documentation:

    https://help.fortinet.com/fsiem/7-2-3/Online-Help/HTML5_Help/Activating_and_deactivating_rules.html#Activati3

    adem_netsys
    Explorer III
    October 21, 2024

    Hi @premchanderr

    I guess I couldn't see it due to a version-related situation. Then I got what I wanted.